The growing popularity of mobile banking and of the Android platform for smartphones is making this a fertile area for cyber criminals to target.
AVG’s latest Threat Report confirms this trend and predicts it will only continue to grow, as cyber criminals increasingly target the Android mobile platform with sophisticated social engineering attacks to hack into unsuspecting users’ mobile bank accounts.
We predicted this rise in both of our preceding quarterly threat reports in 2012. Just as on desktops, where Windows is the predominant operating system, the fact that Android accounts for 68% market share in devices makes it a lucrative hunting ground for criminals.
This is combined with an increase in mobile banking and mobile payments. A recent Federal Reserve report in March 2012 found that nearly 21% of mobile phone users in the survey used mobile banking in the past 12 months. And of those who do not currently use mobile banking, 11% report that they will “definitely” or “probably” use mobile banking in the next 12 months.
Both factors combine to offer an opportunity for cyber criminals, who try to exploit it using an attack method known as “man-in-the-mobile”.
Even the banks’ new two-step authentication process, which requires users to input the traditional user/password combination together with a transaction code sent to the account owner’s mobile device, can be circumvented, as the Trojan intercepts the text message verification codes. When this double whammy hits, it is the cyber criminal who is laughing all the way to the bank!
In our Q3 Threat Report, downloadable from this blog post, we also explain other trends in more detail. One to watch out for in the next quarter is a rise in exploits using the already popular “Blackhole exploit kit” (which currently has a 63% share in the malware market).
This exploit kit has been commercialised by cyber criminals, who package it into an online subscription-based service that gives anyone the tools required to be a cyber criminal.
The latest version, Blackhole Exploit Kit 2.0, entered the market in mid-September 2012, and we expect this to precipitate new attacks. These will be more aggressive than previous attacks, since new evasion techniques were introduced in the new version.