According to a report published on Monday, Trojans are one of the largest threats to consumers this year, accounting for 90 percent of all pandemic based malware.
With the majority of the world still concerned about Covid-19 and vaccine demand high, McAfee’s latest Mobile Threat Report throws light on how hackers are preying on these anxieties with bogus apps, text messages and social media invitations.
The researchers discovered evidence of an SMS worm targeting Indian consumers, establishing one of the first vaccine fraud campaigns, according to the report.
Users were tricked to download a vaccine app by SMS and WhatsApp messages, and after the software was downloaded, malware sent itself to everyone in the user’s contact list via SMS or WhatsApp.
Venkat Krishnapur, Vice-President of Engineering and Managing Director, McAfee Enterprise, India, said in a statement, “As people increasingly spend more time online owing to the pandemic and staying connected on their mobile devices, hackers are cashing into target unsuspecting consumers,”
Krishnapur added “With the dramatic increase in threats and cybercriminals exploiting mobile devices, our ongoing effort is to ensure that we protect what is of paramount importance to consumers — their personal data,”
Hackers are utilising mobile malware known as Etinu to read SMS messages and extract information needed to validate premium-rate service subscriptions that the user is unaware of. Before being discovered and deactivated, over 700,000 downloads were reported.
According to the report, whenever an app containing this malware is installed via the Google Play Store, the spyware harvests incoming SMS messages utilising a Notification Listener function.
It can then make purchases and join up for premium services and subscriptions, all of which are charged to the user’s account.
According to the report, hackers are targeting hundreds of financial institutions around the world using banking Trojans.
Between Q3 and Q4 of 2020, McAfee Mobile Security identified a 141% rise in Banking Trojan activity. To get over Google’s screening process, most Banking Trojans are spread through phishing SMS messages.
According to the report, total mobile malware detected by McAfee at the end of 2020 (Q4) was 43 million, with over 3 million of these detections being new.