MOBILE SECURITY BLOG

Phishing is a hacking technique that makes a user believe that he is interacting with the interface of a trusted third party (his bank, an administration, a well-known company...) in order to exfiltrate personal information such as his password, credit card numbers, social security number, etc.

A phishing campaign is characterized, from the hacker's perspective, by the simplicity of its execution associated with the possibility to lead a large-scale attack. Although it originated in the 1990s, this type of attack is still very common today.

Mobile devices represent the fastest growing attack surface and the widespread use of remote working has been accelerating it lately. Cybercriminals target enterprises through collaborators’ smartphones and tablets, betting on finding loopholes they will exploit to steal corporate data. Security heads are looking to extend their Zero Trust IT security strategy to mobile devices and apps, but the versatility of mobility makes it challenging.

The Zero Trust model is a security approach based on the principle of not trusting any network or data access request by default, and to secure all entry points. It has emerged as the most reliable way for companies to keep away cyberthreats evolving within their distant and immediate environment.

Despite being built with various shielding techniques, mobile apps are easily cloned or mimicked. As a result, fraud figures have kept growing since the advent of mobile banking and payments, and counterfeit apps infiltrating stores generates serious reputation and trust issues.

The market research firm IDC just released its latest marketscape dedicated to the assessment of Mobile Threat Management software vendors in 2020. Once again, Pradeo is featured as a core player delivering cutting-edge Mobile Threat Defense capabilities to address the continuously evolving mobile security environment.

Update September 2nd: The infected applications have now been deleted from Google Play, but are still installed on the devices of their users.

Joker is a malicious bot (categorized as Fleeceware) which main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect.

In the last year, the malware was found hiding in hundreds of apps. Today, Pradeo once again identified infected applications on Google Play (listed below), showing the store's struggle to prevent malicious activities on its platform. Altogether, the 6 apps account for nearly 200.000 installs. Users are advised to immediately delete them from their device to avoid fraudulent activities.