A study has revealed mobile malware tactics that abuse the popularity, features, and vulnerabilities of legitimate apps and services, including malware-infested clones masquerading as the popular mobile game Flappy Birds.
The McAfee Labs Threats Report: June 2014 highlights the need for mobile app developers to be more vigilant about the security of their apps, and encourages users to be mindful when granting permission requests that criminals could exploit for profit.
The manipulation of legitimate mobile apps and services played a key role in the expansion of mobile malware at the beginning of 2014. McAfee Labs found that 79% of sampled clones of the Flappy Birds game contained malware.
Through these clones, perpetrators were able to make phone calls without user permission, install additional apps, extract contact list data, track geo-location, and establish root access for uninhibited control over anything on the device, including the recording, sending, and receiving of SMS messages.
Beyond app reputation, McAfee Labs saw notable examples of mobile malware that take advantage of the features of trusted apps and services, including:
Android/BadInst.A: This malicious mobile app abuses app store account authentication and authorization to automatically download, install, and launch other apps without user permission
Android/Waller.A: This Trojan exploits a flaw in a legitimate digital wallet service to commandeer its money-transfer protocol and transfer money to the attacker’s servers
Android/Balloonpopper.A: this Trojan exploits an encryption method weakness in the popular messaging app WhatsApp, allowing attackers to intercept and share conversations and photos without users’ permission