• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Industry News   »   Android users beware: Hackers are up to dirty new tricks

Android users beware: Hackers are up to dirty new tricks

  • Posted on:April 11, 2016
  • Posted in:Industry News
  • Posted by:
    Noah Gamer
0
An old form of malware is targeting Android users through a new medium.

While some cyber criminals are extraordinary sophisticated, and even work in multi-national groups to orchestrate elaborate breaches, most of them are simply preying upon human habits in an effort to steal data like payment card information or Social Security numbers. More often than not, the ploys they use to get this data aim to trick victims into willingly downloading and installing malware, or relinquishing login credentials on fake Web pages. And sometimes, the human habits they choose to exploit aren't the most wholesome ones.

Using porn as a malware delivery mechanism

It's no secret that hackers love to sully Internet pornography Web pages with their instruments of cyber crime. While some of these tactics can be spotted a mile away, others are far more deceptive. One such example is the resurgence of the Marcher Trojan. According to Trend Micro, the bug – which is believed to have been around for about three years or so – is now targeting Android users, and more specifically, Android users who watch Internet pornography. 

Upon visiting certain porn sites, an Android user might receive a prompt to download Adobe Flash. The installer, however, is actually malware that is meant to create a fake version of Google Play's payment page. The goal is to trick users into entering payment information under the impression that they're on the actual Google Play store. Alternatively, the exploit might also display a fake online banking or PayPal page to the same end. 

Trend Micro noted that this is hardly the first time hackers have used porn to go after Android users. Last year in South Korea, the Yanbian Gang used fake ads marketing explicit Web material as a way to attack millions of mobile banking users. It's worth noting that this will hardly be the last time.

The bigger picture: What does this say about Android cybersecurity?

Using explicit Web content as a vessel for cyber crime is hardly unique to the Android OS. However, it's worth noting that Android Marcher Trojan is one among a long list of cyber threats that have plagued users of the OS in the past few years. In fact, according to Trend Micro research, the amount of Android malware doubled in 2015. While iOS and other mobile operating systems have also been impacted by malware in the past year or so, Android still seems to bear the brunt of mobile cyber attacks. Why is this the case?

One of the main reasons is that there are so many third-party apps stored for Android, many of which can easily be tricked into offering illegitimate applications that are preloaded with malware. Another important factor is that as of 2015, Android controlled about 79 percent of the smartphone market share, according to Forbes. In that sense, it's purely a numbers game for cyber criminals. 

On the surface, none of this information may come as a comfort to Android users, but it should, and here's why: Because unauthorized third-party app stores, many of which originate in foreign countries, are the main sources of mobile malware, the easiest way to secure an Android device is by sticking to the real Google Play. 

As for the recent incident involving Marcher Trojan, avoiding third-party app stored wouldn't have done much to help a victim. However, Trend Micro noted that there is a quick fix to getting rid of the malware. Simply go to "Settings>Security>Device Administration," and if an app called Device Admin is running, deactivate it. 

It's not an easy time to be an Android user, but with a combination of vigilance and robust endpoint cyber security, Android users can be better prepared to take on the cyber-threat landscape.

Related posts:

  1. Dirty money: How hackers interact with banks
  2. Researchers uncover more malware targeting Android users
  3. Malware scares still plaguing Android users
  4. Internet users beware: When encryption isn’t enough

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.