Posted by: Robert Richardson
Information Security Threats
Out in the last few days is an interesting quarterly update report from McAfee.
Topline findings from the second quarter of the year include the following:
- Banking Malware. Malicious parties employ mobile malware that capture usernames and passwords, and then intercept SMS messages containing bank account login credentials to directly access accounts and transfer funds.
- Fraudulent Dating Apps. These apps dupe users into signing up for paid services that do not exist. The profits from the purchases are later supplemented by the ongoing theft and sale of user information and personal data stored on the devices.
- Weaponized Apps. These threats collect a large amount of personal user information (contacts, call logs, SMS messages, location) and upload the data to the attacker’s server.
- Ransomware. The number of new samples in the second quarter was greater than 320,000, more than twice as many as the previous period.
- Attacks on Bitcoin Infrastructure. In addition to disruptive distributed denial of service attacks, victims were infected with malware that uses computer resources to mine and steal the virtual currency.
That last bit, the Bitcoin bit, was kind of interesting, in that the whole Bitcoin kerfluffle has completely fallen off the radar in a remarkably short amount of time. There’s a nice timeline in the report to refresh one’s memory–and I suspect we’ll here more about Bitcoin someday fairly soon. On the other hand, it didn’t seem like McAfee could offer any information that was already generally reported in the news.