Avast News

2019 predictions, Part 2: Mobile threats

Threat Intelligence Team, 9 January 2019

The nature of mobile attacks are changing, but you’ll be ready after reading this key data from our Threat Intelligence team.

Here we continue our 3-part series on 2019 cybersecurity predictions by the Avast Threat Intelligence team. Looking at roughly one million new files a day, we gain valuable insights and knowledge of the most prevalent threats. We use this data to map trends and predict potential future dangers.

In this post, we are focusing on our top mobile threat predictions for 2019, including carry-overs from 2018 that will continue to present challenges.

Mobile threats today

Mobile threats are on the decline overall thanks to better native Android security protections. Comparing 2018 to 2017, there were 60% fewer attacks, owing largely to a 77% drop in “rooter” attacks (malicious attempts to gain root access to a device), a 57% drop in “clickers,” and a 10% decline in “downloaders.”

Most other categories had slight to moderate increases, with aggressive ad-based malware increasing 49% and fake apps increasing 24%. Most notably in 2018 the return to banking trojans was particularly pronounced in mobile, growing by 150%. We believe that cybercriminals are finding that bankers are a more reliable way to make money than cryptomining.  

In 2019, we expect to continue to see well-known tactics such as advertising, phishing, and fake apps dominate the landscape.

Fake apps

In 2018, we tracked and flagged countless apps using our apklab.io platform. Some were even found inside the Google Play Store. Fake apps are like the zombies of mobile security and have almost ceased to be news as new apps pop up to take the place of those flagged for removal. As a scourge they will continue, a trend we may see exacerbated by popular brands making the rounds in the Google Play Store.

Play Store defections create security gaps

One of the most controversial steps in Android security in 2018 was made by game maker Epic when they decided to offer their popular game, Fortnite, for download outside the Google Play Store, presumably because of the commission Google takes from app developers. We will likely see more game studios follow this path, despite the negative comments hurled at Epic by security experts.

Router infection via Android devices

While we have seen sophisticated malware that hides itself and operates stealthily in the background, the fake apps that seem to gain the most traction these days are those whose main purpose is to monetize by overloading users with ads and distributing suspicious payloads, like banking trojans or SMS stealers.

Your infected devices can now also attempt to also infect your router. We believe router-based attacks will evolve into sophisticated malware platforms. But they will also evolve in terms of the infection vector, i.e. via Android devices. We believe that we will see malware in 2019 that is specifically designed to target routers via mobile devices.

Smishing for gold

Smishing is another area of intense interest recently, thanks to privately created and contracted state-sponsored malware like Pegasus from NSO group. This malware targeted specific Saudi citizens, and as of the writing of this piece, the malware’s role in the murder of journalist Jamal Khashoggi is being investigated.

Smishing is phishing via SMS with the goal of encouraging victims either into giving up personal information or installing spyware. We now expect smishing to become a major new attack vector when it comes to delivering mobile malware on both iOS and Android operating systems..

The takeaway here is that mobile devices are getting a lot of attention these days from cybercriminals and hackers. Everybody knows that most people keep their most sensitive information right there on their mobile devices, and naturally, the bad actors of the world want to steal it. Unfortunately, some of these cybercriminals are smart and will try to bore into your device through any number of tricks that are growing more sophisticated by the day. Take measures to protect your info and your device. To get a good look at the lay of the land in 2019, download and read the full Avast Predictions for 2019 report.