Publications
Partners
Cape Town - As the 2014 Soccer World Cup heads into second round, cyber criminals are upping the ante with "malvertising" - malware that is injected into mobile applications.
The global showcase has been the ideal venue for hackers to test their skills as people rush to download apps related to soccer, the teams and players.
"It is very difficult for normal people to distinguish between malware and advertising. Any software that automatically renders advertisements in order to generate revenue or accomplish some kind of goal is called Adware or Advertising-Supported Software," Andrew Kirkland, Trustwave regional director for Africa told Fin24.
The company specialises in software security threats and uncovered a number of applications that could be injected with malware on popular smartphone platforms.
"Malvertising (malicious advertising) affects mobile applications. It is very common in the applications stores of the various mobile phones to have application with a free and paid version, where the free versions normally contain the advertising. This advertising is vulnerable to Malware injection just as it would be on a normal computer," Kirkland added.
Original source
Cyber criminals can operate from any location in the world, and though Trustwave recently found that the US servers host the overall majority of malware globally, it is unclear what the original source of the malware is.
"It all depends on what the malware did and how easy it is to re-create the attacker's steps. It is best to do some forensic analysis and determine exactly what happened, not only will that give you a very good idea where the malware came from but also it will prevent the same breach from happening again," Kirkland explained.
Cyber criminals are making serious efforts to inject malware into popular applications and platforms. (Duncan Alfreds, Fin24)
Security company Kaspersky Lab recently unveiled an Android malware called Svpeng that has turned its attention to English speakers.
Once activated, the malware is able to lock people out of their mobile devices and demand payment through accounts that are difficult to trace.
"It is impossible to repel an attack of American Svpeng if a mobile device doesn't have a security solution - the malware will block the device completely, not separate files as Cryptolocker did. If it happens to you, you can do almost nothing," said Roman Unuchek, senior malware analyst at Kaspersky Lab.
Kirkland warned that corporates faced an acute threat from users who unwittingly or otherwise downloaded malware on to company servers.
"The business must prepare for the onslaught of malvertising by installing anti-malware gateways that sit between users and the internet to prevent corporate malware infections and data loss. The risk of infection through employees accidentally falling victim to a malware attack is too great for any business to not be ready for whatever is thrown their way."
Bait
Cyber criminals have a modus operandi of using major events like the World Cup or the disappearance of Malaysian flight ML370 to lure people to install malware on computers and now, even smartphones.
"It is up to the user to make sure they use the latest browser, for example, that would include the latest security advances that can make attacks more difficult. Other programs like Adobe Flash Player and Adobe Reader also needs to be kept up-to-date as they have vulnerabilities that can be exploited," advised Kirkland.
He said that it was virtually impossible for the organisers of major events to plan defences around cyber exploitation.
"It is very difficult for the organisers to play a part in preventing malware from being injected into their advertisements as the injection happens on the users' device."
- Follow Duncan on Twitter
The global showcase has been the ideal venue for hackers to test their skills as people rush to download apps related to soccer, the teams and players.
"It is very difficult for normal people to distinguish between malware and advertising. Any software that automatically renders advertisements in order to generate revenue or accomplish some kind of goal is called Adware or Advertising-Supported Software," Andrew Kirkland, Trustwave regional director for Africa told Fin24.
The company specialises in software security threats and uncovered a number of applications that could be injected with malware on popular smartphone platforms.
"Malvertising (malicious advertising) affects mobile applications. It is very common in the applications stores of the various mobile phones to have application with a free and paid version, where the free versions normally contain the advertising. This advertising is vulnerable to Malware injection just as it would be on a normal computer," Kirkland added.
Original source
Cyber criminals can operate from any location in the world, and though Trustwave recently found that the US servers host the overall majority of malware globally, it is unclear what the original source of the malware is.
"It all depends on what the malware did and how easy it is to re-create the attacker's steps. It is best to do some forensic analysis and determine exactly what happened, not only will that give you a very good idea where the malware came from but also it will prevent the same breach from happening again," Kirkland explained.
Cyber criminals are making serious efforts to inject malware into popular applications and platforms. (Duncan Alfreds, Fin24)
Security company Kaspersky Lab recently unveiled an Android malware called Svpeng that has turned its attention to English speakers.
Once activated, the malware is able to lock people out of their mobile devices and demand payment through accounts that are difficult to trace.
"It is impossible to repel an attack of American Svpeng if a mobile device doesn't have a security solution - the malware will block the device completely, not separate files as Cryptolocker did. If it happens to you, you can do almost nothing," said Roman Unuchek, senior malware analyst at Kaspersky Lab.
Kirkland warned that corporates faced an acute threat from users who unwittingly or otherwise downloaded malware on to company servers.
"The business must prepare for the onslaught of malvertising by installing anti-malware gateways that sit between users and the internet to prevent corporate malware infections and data loss. The risk of infection through employees accidentally falling victim to a malware attack is too great for any business to not be ready for whatever is thrown their way."
Bait
Cyber criminals have a modus operandi of using major events like the World Cup or the disappearance of Malaysian flight ML370 to lure people to install malware on computers and now, even smartphones.
"It is up to the user to make sure they use the latest browser, for example, that would include the latest security advances that can make attacks more difficult. Other programs like Adobe Flash Player and Adobe Reader also needs to be kept up-to-date as they have vulnerabilities that can be exploited," advised Kirkland.
He said that it was virtually impossible for the organisers of major events to plan defences around cyber exploitation.
"It is very difficult for the organisers to play a part in preventing malware from being injected into their advertisements as the injection happens on the users' device."
- Follow Duncan on Twitter
