Your mobile phone ain't as safe as it used to be
If you ever believed your mobile device was less exposed to online threats, now’s the time to take another look -and it may pay to be a little more careful what apps you install.
Security firm McAfee published its latest Mobile Threats Report. One of the main takeaways from that report is that malicious apps are almost everywhere – and they’re trying their best to dig their hooks into popular trends like Fortnite.
Yes, the Fortnite mobile app may be popular (60 million downloads), news of the app’s beta version led to a number of fake apps that pretended to be the game. There was a huge spike in detections of a malware called FakeApp, which has several malicious purposes.
That was one of the most effective ways of getting people to download suspicious and malicious apps, McAfee says.
But Fortnite players are not the only ones at risk. The number of fake app detections by McAfee’s Global Threat Intelligence increased from around 10,000 in June 2018 to nearly 65,000 in December 2018.
Those fake apps included more than 600 malicious cryptocurrency apps available on 20 app stores.
“Cyber criminals are looking to find ways to add value to their digital wallets without the cost of doing their own mining. The popularity of Android-based devices not only makes them a prime target, but the latest cryptomining technique can jump from phone or tablet to smart TV to infect your entire environment,” says McAfee.
Another area of concern is nation states and state-sponsored attackers who are conducting spyware attacks on people they want to watch.
“From Operation RedDawn, targeting North Korean defectors, and FoulGoal, possibly targeting Israeli FIFA World Cup fans, mobile devices remain an attractive target of nation state actors to gather intelligence and track victims.”
Even the humble smart padlock isn’t safe. McAfee found a vulnerability in the BoxLock smart padlock which allows hackers to unlock the device within seconds.
Three steps for consumers to protect what matters
- Set-up a secondary network for your IoT devices that doesn’t share access to your primary network and the devices and data connected thereto
- Consider getting a router with built-in security features, making it easier to protect all the devices in your home from one access point
- Set your device to auto-updates so you always have the latest software and be sure to change all default passwords once you purchase a new device.