Hide and Steal: Majority of the Malware Apps Do Not Have Icons, Says a McAfee Report

Mobiles are constantly under threat as some of the apps are hidden but stealing data from the devices in background, revealed a security firm report, McAfee. Chief scientist, Raj Samani, who is also associated with McAfee, wrote the Q1 2020 McAfee Mobile Threat Report saying around 50 percent of the mobile malware apps are hidden and a 30 percent increase since 2018 is reported as well.

Criminals are focusing on mobile devices, which is utterly different than the non-mobile malware, says the report. The new malware, "LeifAccess", also known as Shopper uses Android’s accessibility features to create an account, download app and then post reviews.

LeifAccess is finding new ways to get installed in mobile devices while giving out fake warnings to gain legitimacy. Like the malware does not have any icon or shortcut therefore it is not clear whether an app is installed or not. The report showed some of the hidden apps will appear as a legitimate one for malicious attacks within the mobile device.

Users then start receiving fake warnings to activate the accessibility services and permit all the capabilities of malware. The warning is vague but creepy like asking to upgrade the system’s video decode or showing that some application is slowing the system or displaying security error that needs to be checked urgently.

After eight hours, another notification is shown to differentiate the warning from installation. According to the report, the malware was first spotted in May last year and is affecting devices worldwide, especially in the US and Brazil.

The accessibility features of Android help people use the device without facing any difficulty. To avoid the misuse of the tools, Google had limited permission to accessibility features and moved the functions to new API. Despite this, bad actors can misuse the functions, says the report.

Automate action in a graphical interface in the background is one of the most misused features by the criminals. To deal with it, users can check and turn off the accessibility permission setting if not required. But the malware will still be able to perform click fraud and install apps on the device.

Samani advises people to install apps from authorized app stores only and does not always believe in reviews before installing the app. Many malicious apps have been also identified with fake reviews. The fake reviews usually have the same phrases and pretty must evident.

He also suggested using up-to-date and reliable security software that will identify and remove malicious apps from the mobile device.

If a device is suspected to be under the attack, it should be dealt with immediately. Like, if passwords are stolen, they should be changed or in case of fraud, authorities should be informed first of all.

Last year, the number of cyber-attacks increased and in 2020, they are trying to hide the attacks, says the report. It is becoming difficult to identify and remove the malicious elements from devices.



Read next: Ethical Hacking Has Become a Highly Popular Career Choice, Here’s Why That’s a Good Thing
Previous Post Next Post