John Bambenek, principal threat hunter at Netenrich, added that as consumers move more of their digital lives and sensitive information onto their mobile devices, criminals will keep targeting platforms such as Google Play. “Ultimately, organizations need to be more aware of their digital perimeter and the dangers inherent to the apps and web platforms they use every day.” “With the help of location-based targeting and audience segmentation, cyber actors can zero-in on members of specific organizations and use their mobile device as a launch pad for further penetration and reconnaissance,” Olson said. He said today, the average mobile app contains up to 30 third-party APIs that malicious actors can use to distribute phishing links, track user activity across the web, and steal location/device data. Olson said while the apps named in Bitdefender's study were clearly created with malicious intent, more legitimate apps are not free from danger, either. Third-party code buried in mobile apps has become a rising cybersecurity risk, both for consumers and organizations, said Chris Olson, chief executive officer at The Media Trust.
The researchers said while this sounds fine at first, the danger here is that the ads served to victims are disrupting the user experience and can link directly to malware.
In a Wednesday blog post, Bitdefender researchers explained that one of the ways cybercriminals monetize their presence on Google Play is by serving ads to their victims. Researchers this week identified 35 applications representing more than 2 million downloads that have snuck into the Google Play Store - apps that hide their presence on a device by renaming themselves and changing their icon, then start serving aggressive ads. Bitdefender researchers identified 35 malicious apps in the Google Play Store.
0 kommentar(er)
