Category Archives: Mobile Threat Takeaways

Warning: Crypto-Currency Mining is Targeting Your Android


 Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

Cryptocurrency, a virtual form of currency designed to work as a secure form of exchange, has gained a lot of traction in the world of finance and technology. But for many, the concept of obtaining cryptocurrency, or “crypto-mining,” is obscure. Investopedia defines crypto-mining as, “the process by which transactions are verified and added to the public ledger, known as the blockchain, and also the means through which new currencies such as Bitcoin and Ethereum are released.”

The practice has been around since 2009, and anyone with access to the Internet, the required programs and hardware can participate in mining. In fact, by the end of this month, Forbes Magazine will have published its first “Top Richest” list dedicated to Crypto Millionaires.

With the rise in popularity of digital currency, it’s no surprise that cybercriminals across the globe are leveraging malicious code to obtain it. Hackers would rather develop or utilize mining malware instead of paying the expensive price tag associated with mining machines, which can be upwards of $5000. In China, the ADB Miner malware is spreading and targeting thousands of Android devices for the primary purpose of mining cryptocurrency. The malware is spread through the publicly accessible Android Debug Bridge (abd) on an opened port 5555. This port is typically closed but can be opened by an ADB debug tool. Once infected, a device will look for other devices with the same vulnerability to spread the malware and leverage other Android-based smartphones, tablets, and televisions for crypto-mining.

So why are cybercriminals now targeting Android mobile devices? This could be due to the fact that hackers know they can easily manipulate vulnerabilities in Google Play’s app vetting system. Last year McAfee Mobile Threat Research identified more than 4,000 apps that were removed from Google Play without notification to users. Currently, the app store does not have consistent or centralized reporting available for app purchasers. Even if an app is supported by Google Play at the time of download, it could later be identified as malicious and Android users may be unaware of the fact that they’re harboring a bad app.

Researchers have found over 600 blacklisted malicious cryptocurrency apps across 20 app stores including Apple and Google Play. Google Play was found to have the highest amount of malicious crypto apps, with 272 available for download. In the United States, researchers have found another crypto-mining malware that is so demanding of phone processors, its causing them to implode. Loapi, a newly-discovered Trojan crypto-miner, can cause phone batteries to swell up and burst open the device’s back cover, and has been found in up to 20 mobile apps.

Crypto-mining malware isn’t a new phenomenon. Before the WannaCry attacks last summer, cryptocurrency malware sprung up as another malicious software looking to take advantage of the same Windows vulnerabilities that WannaCry exploited. But, instead of locking down systems with ransomware, these cybercriminals were putting them to work, using a cryptocurrency mining malware called Adylkuzz.

Here are a few tips to ensure your Android-devices are protected from crypto-mining malware:

  • Download your apps from a legitimate source. While some malicious apps may slip through the cracks, app stores like Google Play do have security measures in place to protect users, and it’s much safer than downloading from an unknown source.
  • Delete any apps that you haven’t used over the past 6-months. An app’s security can change over time; applications that were once supported by an app store can be flagged as malicious and removed from the platform without notification. If an app is no longer supported in the app store, you should delete it immediately.
  • Keep all of your software up to date. Many of the more harmful malware attacks we’ve seen, like the Equifax data breach, take advantage of software vulnerabilities in common applications, such as operating systems and browsers. Having the latest software and application versions ensures that any known bugs or exploits are patched, and is one of the best defenses against viruses and malware.
  • Double up on your mobile security software. I can’t stress enough how important is to use comprehensive security software to protect your personal devices.

Source : : Blog

Key Mobile Threat Takeaways from the 2018 Mobile Threat Report


 Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

The term “mobile” has come to encompass a wide range of devices these days. Mobile devices have become much more than our Androids and iPhones. Wearable watches, tablets, even home devices all fall under the mobile umbrella of IoT and have the ability to impact our lives for better, or for worse.

This rich IoT landscape holds the key to your digital identity, your connected home and potentially, even your kid’s digital future. Gartner predicts that by the year 2020, 20.8 billion connected devices will populate the consumer home – that’s roughly five times greater than the Earth’s projected population at that time! As these devices continue to increase in presence in our daily lives, it’s important to understand not only the convenience they offer, but the threats they pose as well.

With the dawn of an even more connected era fast approaching, we at McAfee are examining the mobile threats that might be waiting on the horizon. This year’s Mobile Threat Report, takes a deep dive into some significant trends that demonstrate just how these mobile platforms are targeting what’s most sacred to us – our home. Let’s take a look into some of the most common trends in mobile malware, and a few tips on how to protect your home.

Mobile Malware in the IoT Home  

According to Gartner, 8.4 billion connected “things” were in use last year, and chances are one or more of these devices is living in your home today. While many of these devices bring convenience and ease to the home, it’s important to note that they also significantly increase the risk of attack. Many of these devices are developed with innovation in mind, and little to no focus on – security. With that being said, everyday users of mobile devices have grown phenomenally, hence the increased need for security as the frequency of mobile attacks continues to grow.

DDoS Causes SOS  

IoT attacks such as Mirai and Reaper showed the world just how vulnerable smart homes and connected devices can be to malicious code. These attacks targeted millions of IoT devices with the intent of creating a botnet army from trusted connected items within the household.

The Mirai malware authors, leveraged consumer devices such as IP cameras and home routers to create a botnet army, launching distributed denial of service (DDoS) attacks against popular websites. By taking advantage of the low-levels of security on most home connected devices, this malware was able to seize control of millions of devices. All it had to do was guess the factory default password.

The “Reaper” malware strain also took advantage of limited security of many connected home devices. However, these malware authors evolved their tactics by looking for devices with known vulnerabilities to exploit and by implementing a set of hacking tools that showed greater sophistication. The IoT reaper clocked in as many as 2 million infected devices, at nearly ten times the rate as Mirai.

The evolution of the malicious code targeting mobile and IoT devices represents a growing threat to consumers who wish to embrace a culture of connected living. So how can we welcome these devices into our homes without opening the door to cyberthreats? Here are a few tips to consider:

  • Protect your devices, protect your home. As we continue to embrace a culture of smart homes and connected devices, it is also important for us to embrace internet security at a network level. With the presence of targeted attacks growing globally, we must remain vigilant in protecting our connected lives by making sure each individual device is secure, especially the home network. The MTR has dubbed 2018 as “The Year of Mobile Malware,” and very tech user should consider using a home gateway with built-in security to ensure every device in their home is protected.


  • Download apps with caution and update them regularly. Malware campaigns having been targeting users on the Google Play stores almost since its inception. In fact, McAfee recently discovered Android Grabos, one of the most significant campaigns of this year, found present within 144 apps on Google Play. Stay current on which applications are supported in your application store and update them regularly. If an app is no longer supported in the play store, delete it immediately.


  • Invest in comprehensive security. I can’t stress enough how important is to use comprehensive security software to protect your personal devices. Malware is constantly evolving with technology, so ensure your all of your devices are secured with built-in protection.

Source : : Blog