2015 Mobile Threat Report - The Rise of Mobile Malware

By the end of 2015 there will likely be more smartphones than humans, and by 2016 there could be 10 billion smartphones. That’s 1.4 mobile devices for each human on the planet.

People are increasing their reliance on their mobile devices to perform monetary transactions, including purchasing goods and services and sending a variety of payments. The rapid adoption of, and reliance on, mobile technologies has not gone unnoticed by the cybercriminals.

Unfortunately, mobile users face a range of very real risks from ransomware, spyware, malicious apps and financial malware. Ori Bach, Senior Security Strategist for IBM Security Trusteer, shares the latest research on mobile threats including:

• Top mobile threats for the remainder of 2015
• Growth trends for attacks and malicious actors
• Future trends in mobile threats
• The emerging underground mobile malware market

Published in: Technology

  1. 2015 Mobile Threat Report - The Rise of Mobile Malware
  2. AGENDA
     • State of mobile security
     • Understanding the mobile threat landscape
     • Infection vectors
     • Top monetization schemes
     • Emergence of the mobile cybercrime underground
     • Consumer awareness of mobile security threats
  3. THE STATE OF MOBILE SECURITY: AS MOBILE GROWS, SO DO SECURITY THREATS
     • In 2014 the number of cell phones (7.3 billion) will exceed the number of people on the planet (7 billion). [1]
     • Mobile downloads will increase to 108 billion by 2017. [2]
     • Mobile malware is growing. Malicious code is infecting more than 11.6 million mobile devices at any given time. [3]
     • Mobile devices and the apps we rely on are under attack. 90% of the top mobile apps have been hacked. [4]
  4. SECURITY IS LAGGING
     • Responded that they do not know if they had been made vulnerable
     • Do not know whether they had any corporate assets hijacked for botnet use or if they had any user credentials stolen in 2014
     • Do not know if they had become victimized by an advanced persistent threat (APT)
  5. REGULATORS AND INDUSTRY BODIES CALL TO SECURE THE MOBILE CHANNEL: FS-ISAC, Regulations
  6. UNDERSTANDING THE MOBILE THREAT LANDSCAPE: Jailbroken/Rooted, Outdated OS, Unsecure Wifi, Mobile Malware, Rogue Apps, App Vulnerabilities, Stolen Device, BYOD, App hacking, Secure?, Fake Apps
  7. UNDERSTANDING THE MOBILE THREAT LANDSCAPE: Solutions for the Spectrum of Business
     • Layers: Security Intelligence; Secure the Device; Secure the Application; Secure the Transaction; Identity, Fraud, and Data Protection
     • Segments: Personal and Consumer; Enterprise
     • Span of Control (HIGH, LOW): Business Partners, Consumer Transactions, Task/Temp Workers, Employees w/BYOD, Corporate Owned Assets
     • Threats: Stolen Device, App Vulnerabilities, Outdated OS, Jailbroken/Rooted, Unsecure Wifi, App hacking, Fake Apps, Rogue Apps / Mobile Malware
     • Outcomes: Mobile fraud, Vulnerable devices, Data Breach
  8. MOBILE DEVICE RISK: Jailbroken/Rooted, Outdated OS, Unsecure Wifi, Malware, Rogue Apps, Stolen Device
  9. THE MALWARE IS OUT THERE: H1 2015 infection rates
  10. MOBILE MALWARE TOP MONETIZATION SCHEMES (figures shown on slide: 87%, 72%)
     • Financial information stealers
     • 2-Factor Authentication/One-Time-Passwords/Token codes hijacking
     • Telephony Fraud
     • Scare-Ware and Dummy Apps
     • The Top-Up Trojan
     • Mobile Ransomware
  11. MOBILE BANKING FRAUD
  12. MOBILE RANSOMWARE
  13. OLD “FRIENDS” CRASH THE PARTY
  14. MALWARE LEADS TO MALWARE
  15. INFECTION VECTORS - PHISHING / SMISHING
  16. CROSS-CHANNEL INFECTIONS: Coordinated attacks across PC and mobile
     • Cybercriminals convince users to supply their mobile phone number to install an app on the phone, via malware or phishing
     • User installs a fake security application and enters an “activation code” in the PC malware, confirming they completed the mobile install
     • Malware captures all SMS traffic, including OTPs, and forwards it to fraudsters, allowing fraudulent transfers via Web using the captured OTP to bypass authentication
  17. INFECTION VECTORS – FAKE APPS: Over 80,000 users have granted the apps permission to run on their browser, despite the warning the games will receive full access to a player’s web activity
  18. VULNERABLE DEVICES
  19. INFECTED APPS ON THE OFFICIAL STORES
  20. OTHER INFECTION VECTORS
  21. EMERGENCE OF THE MOBILE CYBERCRIME UNDERGROUND
  22. UNDERGROUND DISCUSSIONS
  23. THE MOBILE MALWARE ECO SYSTEM
  24. EXAMPLE OF MOBILE MALWARE OFFERING
     • Gain administrator privilege level on the device
     • Grab and send all device information (Phone number, ICCID, IMEI, IMSI, Model, OS)
     • Intercept and send out SMS content to admin panel and controlling number
     • Covertly send SMS to any number, invisible to the victim, and grab all incoming and outgoing SMS content
     • Redirect calls from the device to another number
     • Grab all contact and call logs and send to admin panel
     • Record audio files via the device's camera and send to admin panel
  25. EXAMPLE OF UNDERGROUND PRICE LIST
     ITEM | PURPOSE | PRICE* | PRICING MODEL
     BOT ADMIN PANEL | MANAGE A BOTNET | $4000 DOWN + $500 MONTHLY FEES | TO RENT
     MAZWLTOV! | MALWARE SPREADING | $3000 | SERVICE
     SPYWARE | CYBER-ESPIONAGE | $7,000 | TO OWN
     BANKIR | FINANCIAL INFORMATION STEALER | $5000 | TO OWN
     X-iTmo | SMS 2FA INTERCEPTOR | $715 | TO RENT (3 MONTHS)
     *Prices in USD. Original prices are in USD or BTC
  26. CONSUMER AWARENESS OF MOBILE SECURITY THREATS (chart values shown on slide: 390, 609, 355)
  27. IBM MOBILE SECURITY FRAMEWORK
     Pillars: Protect Devices; Secure Content & Collaboration; Safeguard Applications & Data; Manage Access & Fraud; Extend Security Intelligence (segments: Personal and Consumer, Enterprise)
     Products named on the slide:
     • MobileFirst Protect (MaaS360)
     • AppScan, Arxan, Trusteer Mobile SDK
     • AirWatch, MobileIron, Good, Citrix, Microsoft, Mocana
     • HP Fortify, Veracode, Proguard
     • CA, Oracle, RSA
     Capabilities:
     • Manage multi-OS BYOD environment
     • Mitigate risks of lost & compromised devices
     • Separate enterprise and personal data
     • Enforce compliance with security policies
     • Distribute & control enterprise apps
     • Build and secure apps & protect them “in the wild”
     • Provide secure web, mobile, API access control
     • Meet ease-of-use expectation
     Extend Security Intelligence:
     • Extend security information & event management (SIEM) to mobile platform
     • Incorporate mobile log management, anomaly detection, configuration & vulnerability mgmt
  28. NEW CSX TRAINING & CERTIFICATIONS: Introducing CSX Skills-Based Cybersecurity Training and Performance-Based Certifications!
     • Designed to help you build, test and showcase your skills in critical areas of cybersecurity – and prove you have the ability to do the job from day one.
     • Unlike other certifications available today which test for knowledge in a question and answer format, CSX training and exams are conducted in a live, virtual “cyber lab” environment — providing validation of actual technical skill, ability and performance.
     • Training courses will be available through leading global training partners, to help professionals build skills needed at each certification level