EclecticIQ and ThreatFabric investigation reveals evidence of malicious Android packages posing as legitimate Covid-19 contact tracing apps
PrZen/33353244
Threat actors exploit consumer trust in legitimate government apps to plant malicious packages
AMSTERDAM - PrZen -- EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions, has teamed up with fraud and cybercrime prevention experts at ThreatFabric to publish the findings of an investigation into instances of threat actors actively pushing malicious Android packages disguised as legitimate contact tracing applications.
Key analysis points by ThreatFabric and EclecticIQ reveal that:
- Threat actors have been disguising Android packages as legitimate government-backed contact tracing applications for financial gain.
- There is evidence to suggest that actors have used repackaged commodity and open-source malware to lower the investment required in the observed campaigns.
- Third-party port forwarding and secure tunneling services have probably been used to provide anonymization to command and control (C2) infrastructure.
- The Android packages were probably delivered through links pointing to phishing pages.
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations present continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020, with the latest being June 23rd, 2020.
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing Android applications from links sent to them or from third-party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
- Read full report here
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly evolving fraud landscape and regulatory challenges. It is an omnichannel solution that empowers financial institutions to proactively detect known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Source: EclecticIQ