This year may mark a turning point in the cyber world. As the pandemic urged organizations to enable remote working, the dissolution of traditional security perimeters accelerated until they fully blew apart. People with bad intentions saw in this chaos an opportunity to spy on an opponent, a government, a competitor; or to steal companies, public institutions, individuals…
Phishing is a hacking technique that makes a user believe that he is interacting with the interface of a trusted third party (his bank, an administration, a well-known company...) in order to exfiltrate personal information such as his password, credit card numbers, social security number, etc.
A phishing campaign is characterized, from the hacker's perspective, by the simplicity of its execution associated with the possibility to lead a large-scale attack. Although it originated in the 1990s, this type of attack is still very common today.
Despite being built with various shielding techniques, mobile apps are easily cloned or mimicked. As a result, fraud figures have kept growing since the advent of mobile banking and payments, and counterfeit apps infiltrating stores generates serious reputation and trust issues.
Update September 2nd: The infected applications have now been deleted from Google Play, but are still installed on the devices of their users.
Joker is a malicious bot (categorized as Fleeceware) which main activity is to simulate clicks and intercept SMS to subscribe to unwanted paid premium services unbeknownst to users. By using as little code as possible and thoroughly hiding it, Joker generates a very discreet footprint that can be tricky to detect.
In the last year, the malware was found hiding in hundreds of apps. Today, Pradeo once again identified infected applications on Google Play (listed below), showing the store's struggle to prevent malicious activities on its platform. Altogether, the 6 apps account for nearly 200.000 installs. Users are advised to immediately delete them from their device to avoid fraudulent activities.
Cybersecurity experts are unanimous, mobile apps are hackers’ preferred vector to exfiltrate valuable data from mobile devices. Yet, the flexibility they offer makes them irreplaceable for both work and personal usages. Today, companies cannot afford to forbid public apps usages to their collaborators, even in the most sensitive industries. However, it doesn’t mean they should turn a blind eye to app-related risks.