Pandemic triggers most scams in recent history

Avast Security News Team, 28 August 2020

Plus, one U.S. university pays ransomware attackers $475K and spyware is found on over a thousand iOS apps

According to COVID-19 and Stimulus Reports by the U.S. Federal Trade Commission (FTC), there have been over 180,000 complaints of coronavirus-related scams this year, and the number continues to climb. Almost 50% of those complaints included financial loss, with an average amount of $290 stolen from each victim. As a whole, U.S. consumers lost over $120 million to pandemic-related scams. An FTC spokesperson told The Washington Post that scams do tend to increase following natural disasters, but complaints typically total in the thousands, not the tens of thousands, as is the case with the pandemic scams. The spokesperson added that the only event in recent history that spawned a similar surge of scams was the financial crash of 2009.

“COVID-19 is one major disaster, and as such, cybercriminals are taking advantage of it,” commented Avast Security Evangelist Luis Corrons. “It may become worse as the pandemic plays out. When the expected vaccine is released, we’ll see an increase in scams targeting people who want to get it as soon as possible.” In addition to vaccine scams, experts caution that new scams will emerge surrounding the burgeoning housing crisis, as a portion of the population faces rent or mortgage bills they cannot pay. In the meantime, fraudsters are scamming victims with phony sales of masks, face shields, and miracle cures, and fraudulent information about government stimulus payments and unemployment funds. Consumers are advised to be wary of coronavirus-related offers in their inbox.

Malicious SDK found in over 1,200 iOS apps

Researchers have discovered that a malicious software development kit (SDK) created by Chinese ad network Mintegral spies on user activity and executes ad fraud in over 1,200 iOS apps. Collectively, the apps have been downloaded about 300 million times a month since July 2019, which puts the total number of downloads in the billions. Some of the more popular affected apps include Helix Jump, Talking Tom, PicsArt, Subway Surfers, and Gardenscapes. It’s unknown how many iPads and iPhones are impacted by the spyware, but the researchers consider the situation “a major privacy concern to hundreds of millions of consumers.” Read more at Forbes.

FBI/CISA warn of backdoor in Chinese tax software

The U.S. government issued a flash alert to American organizations that do business with China, warning of a secret backdoor hidden in the tax software that Chinese banks force foreign companies to install. Infosecurity reported that the researchers who discovered the backdoor found no way to remove it, and suspect that it is in place to allow the remote download of further malware. Once news of the discovery broke, researchers noticed that an uninstaller appeared in the software to erase traces of the backdoor. “This reveals the actors’ high level of sophistication and operational awareness,” wrote the FBI in the flash alert. The software developers in China have not commented on the discovery yet.

Mobile phones with pre-installed malware sold in Africa

The anti-fraud firm Upstream found that over 50,000 mobile phones sold in Ethiopia, Cameroon, Egypt, Ghana, and South Africa contained built-in malware that signed up users for subscription services without their permission. The phones were manufactured by Chinese company Transsion Holdings, which claims the malware was loaded onto the devices by a third-party vendor in the supply chain. Transsion added that it attaches great importance to consumers’ data security and product safety. Meanwhile, Upstream believes those behind the malware are taking advantage of the most vulnerable part of the population. More on this story at BBC News.

University of Utah pays $475K ransom

The University of Utah paid attackers $475,000 for a decryption key after ransomware hit the servers of the school’s College of Social and Behavioral Science. The Salt Lake City school has about 33,000 students and 1,600 faculty members. The university went against the standard advice never to pay ransomware attackers because, it said in a statement, it wanted to protect students and faculty from having their sensitive information published on the internet. Find the full story on Threatpost.

This week’s ‘must-read’ on The Avast Blog

Protect your personal privacy with these 10 tips that help secure your home network and prepare for distance learning this school year.
