Page 60 - Cyber Warnings
P. 60
How WannaCry remedies are only another fraud vector
The massive scope and potential financial impact of the WannaCry attack has understandably
caused a lot of panic, and companies and individuals alike have been rushing to protect their
devices.
However, this frenzy has opened up new damaging routes for fraud.
One of these attack routes is through mobile applications that have been found on third-party
application stores.
There are various mobile applications advertising that they can be used to protect users from
the WannaCry ransomware.
However, our analysts found that some of these apps contained adware meant to infect the
devices they are downloaded onto.
Rather than protecting users’ devices, they are causing them harm.
The adware found is classified as Adware.mobidash, which is a module that attackers used to
include into Android games and apps and monetize them.
This adware has the capability to load webpages with ads, show other messages in the status
bar, or modify the DNS server.
The latter is quite dangerous as the real risk lies in the fact that the end user’s device is
performing unwanted activity without their authorization.
To hide this dangerous behavior, the adware doesn’t start to perform its malicious activity
immediately, but after a short period of time.
60 Cyber Warnings E-Magazine – June 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
