The COVID-19 pandemic and a false sense of security among smartphone users combined to make 2020 a banner year for mobile attacks. With an estimated 3.8 billion smartphone users globally to target, even a low hit rate can net cyber criminals a tidy profit. Threat groups were quick to recognize and exploit the opportunity with new forms of malware and social engineering scams.
The BlackBerry 2021 Threat Report traces these trends, and details the methods used by Anubis, Ginp, Cerberus, EventBot, and Marcher malware to steal user data via overlay attacks. Although they vary in approach, all the malware strains exploit legitimate Android™ system services to display pop-up forms requesting credential and payment information. Unwary users can easily be tricked into disclosing their personal data, especially if the form is timed to display when a trusted app is first launching.
BlackBerry analysts also examine the rash of malicious COVID-themed apps that debuted last year. One example is a bogus COVID-19 tracker application, which infects victims with CovidLock ransomware that locks them out of their phones until they pay a $100 ransom.
Also of interest is an analysis of BAHAMUT’s mobile phone strategy, which includes zero-day threats and dozens of malicious apps hosted in the Apple® App Store® and Google Play™ store. BAHAMUT is one of the most elusive, patient, and effective publicly known threat groups today – and one that BlackBerry has been tracking for some time. More information is available in BlackBerry’s deep dive into the group’s overall tactics, targets, and activities.
The BlackBerry 2021 Threat Report also includes suggestions on eliminating mobile security vulnerabilities in connected vehicles, and related efforts by the United Nations Economic Commission for Europe to establish consistent regulatory standards for member nations.
Gain additional mobile security insight and learn more with the BlackBerry 2021 Threat Report.