Intelligent CIO Middle East Issue 32 | Page 83

INTELLIGENT BRANDS // Mobile Technology

How cybercriminals are hiding in your phone

Malware in the official Google store never stops appearing; it is a huge victory for cybercriminals to sneak their malicious applications into the marketplace of genuine apps. Denise Giusto Bilić, Security Researcher at ESET, which operates in the Middle East, summarises some of the common behaviours of malicious Android code over the last few years.

While analysts figure out new methodologies for analysing malware and users begin to understand how all this works, cybercriminals are seeking new ways to hide in phones and compromise devices.

The convoluted tricks used to increase the effectiveness of their attacks can be grouped into two distinct categories. The first is social engineering strategies that seek to confuse users, and the second is sophisticated technical mechanisms that try to obstruct malware detection and analysis. This article summarises some of the common behaviours of malicious Android code over the last few years.

DECEIT BASED ON SOCIAL ENGINEERING

Use fraudulent accounts in the Google Play Store to distribute malware

Malware in the official Google store never stops appearing. For cybercriminals, sneaking their malicious applications into the marketplace of genuine apps is a huge victory, as they can reach many more potential victims and so have an almost rock-solid guarantee of more infections.

What’s more, the fake developer accounts used to spread insecure or malicious apps try to look as similar as possible to real accounts in order to dupe unsuspecting users, who end up getting confused by them. In a recent example of this, researchers discovered a fake app for updating WhatsApp that used a Unicode character trick to give the impression of being distributed through the official account.
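A vetting check for the look-alike publisher names described above, as an added example that is not part of the original article or ESET's tooling. The article does not say which character was used, so the allow-list, the small confusables table and the sample names are all constructed assumptions.

```python
import unicodedata

# Constructed allow-list: exact publisher names the organisation trusts.
TRUSTED = {"WhatsApp Inc."}

# Small constructed subset of cross-script look-alikes (Cyrillic -> Latin);
# a production check would load the full Unicode confusables data instead.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
})


def skeleton(name: str) -> str:
    """Reduce a name to a comparison form that ignores visual tricks."""
    # NFKC folds compatibility characters (no-break space, full-width forms).
    folded = unicodedata.normalize("NFKC", name)
    # Drop format and control characters such as zero-width spaces.
    visible = "".join(ch for ch in folded
                      if unicodedata.category(ch) not in ("Cf", "Cc"))
    # Trim and collapse whitespace, then fold case and known look-alikes.
    collapsed = " ".join(visible.split())
    return collapsed.casefold().translate(CONFUSABLES)


def odd_code_points(name: str) -> list[str]:
    """List every character outside printable ASCII for the analyst's report."""
    return [f"U+{ord(ch):04X} {unicodedata.name(ch, 'UNNAMED')} at index {i}"
            for i, ch in enumerate(name) if not (0x20 <= ord(ch) <= 0x7E)]


def classify(name: str) -> str:
    """Return 'trusted', 'lookalike' (imitates a trusted name) or 'unknown'."""
    if name in TRUSTED:
        return "trusted"
    if skeleton(name) in {skeleton(t) for t in TRUSTED}:
        return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample publisher strings, written with escapes so the
    # invisible characters are explicit in the source.
    for sample in ["WhatsApp Inc.", "WhatsApp Inc.\u00a0",
                   "Whats\u200bApp Inc.", "Whats\u0410pp Inc.", "Example Games Ltd"]:
        print(repr(sample), classify(sample), odd_code_points(sample))
```

A name classified as `lookalike` renders like a trusted publisher but is not byte-identical to it, which is the condition worth blocking or escalating in an app allow-listing workflow.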
Take advantage of commemorative dates and scheduled app release dates

A common practice in the world of cybercrime is to make malware look like