Tag Archive for: sophistication

Decline in mobile malware but hackers show growing sophistication


Mobile malware attacks in Singapore declined 15.9% to 7385 in 2021 compared to the year before, in line with a global downward trend in the number of attacks on mobile users, according to global cybersecurity company Kaspersky.

Globally, the number of mobile malware attacks has been falling gradually from a peak of 6.49 million in October 2020 to a low of 2.23 million in December 2021, based on detection verdicts of Kaspersky products received from users worldwide.

As its name suggests, mobile malware is malicious software that specifically targets the operating systems of mobile devices such as smartphones and tablets. However, despite the decrease in the number of attacks, users should not let their guard down, because attacks are becoming more sophisticated in terms of both malware functionality and vectors.

“The future is definitely mobile here in Southeast Asia. At the surface, it may seem that cybercriminals are becoming less active because of the decreased mobile malware attacks. But it is a global trend and it does not necessarily mean we are safer,” says Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.

“We have to note that as we embrace digital payment apps more, we unconsciously put more of our hard-earned money in our devices. Our devices which usually remain vulnerable from simple malware attacks,” he says. 

“There is a gap between awareness and action here in Southeast Asia so I urge digital payment providers and regulators to help us in encouraging users to protect their mobile devices too.”

In Singapore, the top-5 mobile malware detected in 2021 are as follows:

1. Trojan-Downloader
2. Trojan
3. Trojan-Dropper
4. Trojan-SMS
5. Backdoor

Southeast Asian nations, primarily Indonesia, Malaysia, the Philippines, Thailand, Vietnam and Singapore, collectively saw a decrease in mobile malware attacks from 605,192 in 2020 to 598,588 in 2021, representing a 1.1% decline, as Kaspersky data revealed.

Globally, 2021 saw repeat incidents of malicious code injection into popular apps through ad SDKs, as in the sensational case of CamScanner — where Kaspersky found malicious code…


The Kaseya attack is a revolution in sophistication for ransomware hackers


with Aaron Schaffer


The Kaseya ransomware attack, which paralyzed hundreds of businesses over the Fourth of July weekend, marks a major strategic advancement for the criminal hacking gangs that have wreaked havoc on U.S. businesses. 

Most ransomware gangs exploit basic security flubs, such as shared and reused passwords, to lock up victims’ computers and demand payments. REvil, the Russia-based group responsible for this attack, however, exploited a computer bug that had never been used and was unknown to top cybersecurity experts.

That’s a highly sophisticated sort of attack, known as a “zero day,” that’s more commonly used by nation-states looking to steal each other’s secrets than by financially motivated criminals. And it paid dividends — it’s the largest ransomware attack to date, locking up computers at up to 1,500 companies that work with the software management company Kaseya and its clients, and enabling a $70 million ransom demand.

That probably is a sign of things to come as cybercrime gets more lucrative and cybercriminals gain more money and resources to pull off major heists.

“A lot of ransomware actors have bigger budgets than some nation-state actors do, so this is the logical next step,” Allan Liska, senior threat intelligence analyst at the cybersecurity firm Recorded Future, told me. “They’re going to have to continue going after larger targets if they want multimillion-dollar ransoms and using zero days is one way of doing that.” 

Criminal hackers are unlikely to ever achieve the skills of top government hackers in the United States, the United Kingdom, Russia and China. But they could equal the capabilities and investments of some third-tier cyber powers such as Pakistan or Brazil, Liska said. 



Russian President Vladimir Putin shakes hands with President Biden. (Brendan Smialowski/AFP/Getty Images)

The Kremlin could halt the advance.

Experts widely agree that REvil and other major ransomware gangs operate on Russian territory with at least the Kremlin’s tacit approval. 

“There’s no reasonable doubt among the analyst community that…


Russian hack’s sophistication impresses even the experts


“This is classic espionage,” said Thomas Rid, a political science professor at the Johns Hopkins School of Advanced International Studies who specializes in cybersecurity issues. “It’s done in a highly sophisticated way. … But this is a stealthy operation.”

The impact may ultimately prove to be profound. SolarWinds, the maker of widely used network-management software that the Russians manipulated to enable their intrusions, reported in a federal filing Monday that “fewer than 18,000” of its customers may have been impacted. That’s a small slice of the company’s more than 300,000 customers worldwide, including the Pentagon and the White House, but still represents a large number of important networks worldwide. (Russia has denied any role in the attacks.)

FireEye, in a blog post explaining the nature of the attack on Sunday, described the victims as including “government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East. We anticipate there are additional victims in other countries and verticals.”

In the U.S. government, the known targets included the Treasury, Commerce and Homeland Security departments, and the impact is likely to be far broader, given the wide use of network tools by SolarWinds, which is based in Austin.

But the potentially good news is that quiet attackers tend to prioritize surreptitious entrances and exits, while avoiding wholesale ransacking of computer systems that could tip off defenders. Quiet hackers typically are more focused on covering their tracks than simply backing up a digital truck and taking everything they can.

The potential bad news, however, is that quiet attacks can be effective at gathering highly specific, sensitive information over the course of months or even years. While the details of what was taken and from whom are not yet public — the agencies and companies themselves may not even know for a while — the Russian operation dates at least as far back as March and was described as active as recently as Sunday.

That nine-month stretch included, to name just a few of the most important events that would have created copious computer files interesting to…


Bezos, WhatsApp Cyberattacks Show Growing Mobile Sophistication

The recently disclosed Jeff Bezos phone hack and other incidents show that mobile devices are being increasingly targeted by sophisticated nation-state attackers.
Mobile Security – Threatpost