Android Users: FakeSpy malware can infect your contact lists


Among the latest of several new threats targeting proprietary information is a brand new FakeSpy campaign aimed at Android users.

“In addition to this malware strain stealing an array of information the device it infects, it also, creates and sends SMS to other devices. This capability enables any threat actor to spread the malware throughout the victim’s own contact list,” warns Jeremy Samide whose Stealthcare introduced ZeroDay Live, which has become the most powerful threat intelligence platforms developed to date.

In addition to infecting smart phones, new evidence points to a low-cost Android phone being shipped with preinstalled malware, according to Samide, whose cybersecurity team often relies on tradecraft to ferret out these kinds of threats. “The Android uleFone S8 Pro ships with a sound recorder application that is actually a malicious variant with possessing capabilities that align it with a remote access Trojan. The malicious code transfers myriad information to attacker-controlled servers, including location, phone number, IMEI identifier number, MAC address, and more.”

The preinstalled malware can also perform backdoor functions such as downloading applications, and executing shell commands, say Stealthcare sources.

These examples illustrate the length to which threat actors will go to obtain sensitive data. “Threat actors come in all shapes and sizes with motivations ranging from proving ‘I can do it,’ to financial gain by stealing cash or proprietary information. They may also be major powers, or rogue states that are out to level the playing field with the US, Great Britain or the EU.”

The need for increasingly sophisticated cyber-defense strategies and technology is growing. During the past decade the global cybersecurity market has burgeoned from just under $10 billion to over $120 billion today, observes Samide, who predicts continued growth over the coming decade—driven by an improving world economy, greater reliance on the cloud, wider adoption of blockchain, the Internet of Things, (IoT), and disruptive innovations such as self-driving vehicles and drones.

“Cyberattacks are also becoming the offensive weapon-of-choice as well as a deterrent among nations. It’s been suggested that if a threat actor hacks GPS satellites it will not only halt air and ground transportation, but it will also knock out wire transfers that rely on GPS to track payment locations and times. International banking will screech to a halt,” says Samide.

It’s no surprise that Investor’s Business Daily’snetwork security industry group has climbed to the top 20 of its 197 industry groups, up nearly 20 percent this year. That helps explain why ETF MG Cyber Security (HACK) is now one of the leading ETFs.


Source: http://www.businesscomputingworld.co.uk