Popular on PrZen
- Ideanomics Announces Q2 2020 Earnings - TESLA Model 3 Proof of Concept 304
- Goldstein Market Intelligence Expands its Intelligence Capabilities in UK with Senior Appointment
- Attention Bankoh Investment Customers Who Were Sold Northstar Financial Services (Bermuda) Ltd
- Successful Black Lawyers Share Lessons Learned and Provide Mentorship in a New Compilation Book
- ITSMA Announces Finalists for the 2020 Marketing Excellence Awards
- NC-16 Teenage Web Series is Now Available Released on SeekaTV
- Women in Quantum Summit launch event
- The 100 Best Places To Buy A Vacation Rental in 2020. Report Download Now Available
- Atlanta Church Teaches Youth How To Engage With Police; And Empowers Voter Rights At Virtual Summit
- Acumentrics Announces New Website Launch
Similar on PrZen
- Onlive Server Announced Europe based Germany VPS Server Hosting Services with KVM Hypervisor Cloud Panel
- Tom Urquhart, Ph.D., joins IOTech Systems as SVP of Professional Services
- CEO Coaching International Client, StoneAge Inc., Acquires Breadware, A Leader in Industrial IOT Product Development
- Evolve IP Delivers World's Only Omnichannel Contact Center Integrated with Microsoft Teams and Virtual Workspaces
- AutoQuotes And UL Announce Strategic Partnership
- NACCE and Bridge for Billions Team Up to Offer "The Leap" to Community College Entrepreneurs Across the Nation
- Legacy Park Sports Launches GoDog GameStream To Live Stream Baseball and Softball Tournaments
- Onlive Server Launched UK VPS Server Hosting Service with Hypervisor KVM Cloud Panel and SSD Storage
- Alpega Partners with project44 to Deliver Advanced Visibility in North America and Europe
- FigBytes Integrates SASB Standards in its Enterprise Sustainability and ESG Platform
EclecticIQ and ThreatFabric investigation reveals evidence of malicious Android packages posing as legitimate Covid-19 contact tracing apps
PrZen/33353244
Threat actors exploit consumer trust in legitimate government apps to plant malicious packages
AMSTERDAM - PrZen -- EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions, has teamed up with fraud and cybercrime prevention experts at ThreatFabric to publish the findings of an investigation into instances of threat actors actively pushing malicious Android packages disguised as legitimate contact tracing applications.
Key analysis points by ThreatFabric and EclecticIQ reveal that:
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Key analysis points by ThreatFabric and EclecticIQ reveal that:
- Threat actors have been disguising Android packages as legitimate government-backed contact tracing applications for financial gain.
- There is evidence to suggest that actors have used repackaged commodity and open-source malware to lower the investment required in the observed campaigns.
- Third-party port forwarding, and secure tunneling services have probably been used to provide anonymization to command and control (C2) infrastructure.
- The Android packages were probably delivered through links pointing to phishing pages.
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
- Read full report here
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Source: EclecticIQ
0 Comments
Latest on PrZen
- Clarity Gold Reported 2.32 oz/t Au - Sent Crews to Three High Grade Gold Properties in BC
- Doctor Develops Personalized Solution to COVID-19 Threat
- 5 Stores to Catch up Massive Concessions On
- Andrew Carnegie Global Capital Announces a $20M Fintech Venture with Braintree in the Coming Year
- Andrew Carnegie Global Capital Has Announced an Equity Investment in a Brantstone Properties Development Project – London, Slated 2023
- What if Bon Jovi's Drummer Had Been an Indian Temple Musician From 800AD?
- New Memoir By U.S. Marine: Releasing on Amazon September 06 2020
- Building Your Success System. Unique New eBook
- Onlive Server Announced Europe based Germany VPS Server Hosting Services with KVM Hypervisor Cloud Panel
- ICON Jewel's Famed Hollywood Jeweler Talks Diamonds, Covid And These Uncertain Times
- Why We Need More Black Executives in Hip Hop? by Eric B
- Marshals Of The Revolution-New Roots Country Music and Lifestyle Brand Has Arrived
- Ideal Home Care Services 50 Years of Combined Professional Healthcare Experience
- Avoiding the 17a-4 Quagmire - AdvisorVault's Guide for Small FINRA Firms
- Eric Bopp Announces He's Running for Judge
- ITSMA Announces Finalists for the 2020 Marketing Excellence Awards
- Tom Urquhart, Ph.D., joins IOTech Systems as SVP of Professional Services
- CEO Coaching International Client, StoneAge Inc., Acquires Breadware, A Leader in Industrial IOT Product Development
- Ideanomics Announces Q2 2020 Earnings - TESLA Model 3 Proof of Concept
- Kupit Kickstarter Campaign by Burgeón Brands Attempts to Reduce Waste from Single-Serving Coffee Pods