Cybercriminals focusing on data-rich smartphones

Cybercriminals have progressed to using Trojan Horse malware used to steal login credentials of mobile banking users

Afp March 02, 2017
Cybercriminals have progressed to using Trojan Horse malware used to steal login credentials of mobile banking users. PHOTO: REUTERS

BARCELONA: Smartphones have become a mine of personal information, holding bank data, credit card information and addresses, making them the preferred target for cybercriminals, experts warn.

"Cybercriminals go where there is value, and they have understood that the smartphone has become the preferred terminal for online shopping and payment," said Tanguy de Coatpont, head of the French branch of international anti-virus firm Kaspersky Lab at the Mobile World Congress in Barcelona.

Ransomware, which seizes control of computers and demands money to unblock users' data, has already started to target smartphones.

Now the devices are also being sought after as a gateway to key information about its user, experts at the phone industry's largest annual trade fair said.

Beware of this latest WhatsApp scam

Cybercriminals have progressed from smartphone ransomware attacks to using Trojan Horse malware that can steal the login credentials of mobile banking users, said Fabien Rech, the head of the French division of Intel Security.

Using the stolen credentials, thieves can then log in to the victim's account remotely and transfer money out.

"We see more and more attacks against banking apps," said Rech.

There was a 17 percent increase in attacks targeting banking apps last year around the world, according to Slovakian cybersecurity firm ESET.

A new crop of younger cybercriminals is more at ease with smartphones, said Russian online security specialist Eugene Kaspersky, the head of Kaspersky Lab.

"I think that old generation of cybercriminals are on personal computers, the new are those who are on mobile," he said.

Google unveiled security flaw in Windows 10 and Microsoft isn’t happy about it

While most cyberattacks target Android, the widespread smartphone operating system developed by US Internet giant Google, Apple's iOS system, used on iPhones and generally considered more secure, is not immune from attack either.

"Frauding iOS could be easier because you only have few devices using it," said Avishai Shoushen, the head of Israeli mobile advertising platform ClicksMob.

Since iPhones can be connected to other Apple products, hacking into the handset can give a cybercrimnal access to the data in other connected gadgets as well, said Ciaran Bradley, chief technology officer at Irish security firm Adaptive Mobile.

"Just an email looking like its coming from Apple can give an opportunity to access personal account information from any other device," he said.

Some phonemakers like Australia's Cog System are developing phones with extra security features to appeal to consumers who are concerned about hacking.

Google Pixel hacked by Chinese team within 60 seconds

The company unveiled in Barcelona the D4 Secure SDK, which it called "the world's most secure smartphone".

Cog Systems, which has for years supplied super secure phones for governments, is targeting big companies with the device.

Experts say most cyberattacks could be prevented by smartphone users, who are often not aware that their device could be targeted.

"Consumers think that it is up to manufacturers to handle security issues, they tend to believe their connected devices are secure and they don't think about it once it is open and running," said Rech.

De Coatpont said proper use of a smartphone was key to preventing cyberattacks.

"Protecting your mobile phone implies not installing unofficial applications and regularly updating its operating system when asked to do so. And of course paying attention to how you manage passwords," he said.

Facebook Conversations