Page 192 - Cyber Defense eMagazine September 2023
With the popularity of mobile apps reaching new heights, the responsibility to protect mobile users against diverse security threats has become paramount as the attack landscape shifts focus to where most consumers are – mobile apps. Consumers clearly expect and demand protection when using mobile apps, and they are not willing to compromise. For example, when asked to rank the priority of security versus features, an overwhelming majority of U.S. consumers say that security is equal to or higher in importance than features.
The level of protection that consumers expect in mobile apps is also on the rise. For example, when consumers were asked what type of protection they expect mobile brands to provide in their apps, 72.7% of U.S. consumers said that they expect either “the best protections” available, or protection of the login and data as well as protection against malware. Taken together, this clearly underscores the pressing need for mobile app developers to deliver enhanced protection in their mobile applications.
To help mobile developers and cyber-security teams understand what this means, this article illustrates both the new and emerging threats mobile apps face and the “tried and true” threats and attack methods that hackers have been using for years. Combined, these give mobile developers a blueprint for crafting a strategy that addresses these threats head on and delivers the protections their mobile customers demand.
Emerging Threats:
Accessibility Service Malware
In recent years there has been an emergence of malware built specifically to abuse the Android Accessibility Service framework. Once the victim is tricked into enabling the malicious service in the Settings app, the malware gains access to in-app events and on-screen content, which lets it steal personally identifiable information (PII), perform or even hijack transactions and evade detection. Notable examples include FluBot, Teabot, PixPirate, Brasdex and Xenomorph. Mobile banking apps often fall prey to these attacks, which monitor Accessibility Service events and user activity to harvest transactions, PII and other valuable data.
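As an added example (not code from the article or from any of the malware families named above), the following Kotlin snippet shows the two checks an Android app can make against this threat: enumerate the accessibility services the user has enabled and flag any that are not on a small allowlist of known assistive tools, and, on Android 14 and later, mark credential and transaction views as accessibility-data-sensitive so that services the platform does not recognise as genuine assistive tools cannot read them. The allowlist contents, the data class and the function names are assumptions for illustration.

```kotlin
// Added example, not from the original article. Assumed names: TRUSTED_ACCESSIBILITY_SERVICES,
// EnabledService, listEnabledAccessibilityServices, untrustedServices, hideFromUntrustedAccessibility.
import android.accessibilityservice.AccessibilityServiceInfo
import android.content.Context
import android.os.Build
import android.view.View
import android.view.accessibility.AccessibilityManager

// Hypothetical allowlist: flattened "package/ServiceClass" ids of services a banking app tolerates.
// Tune this for your own threat model; TalkBack is listed only as an example of a legitimate service.
val TRUSTED_ACCESSIBILITY_SERVICES: Set<String> = setOf(
    "com.google.android.marvin.talkback/com.google.android.marvin.talkback.TalkBackService",
)

data class EnabledService(
    val id: String,
    val packageName: String,
    val canRetrieveWindowContent: Boolean,
)

// Returns every accessibility service currently enabled on the device. The caller decides what
// to do with untrusted ones (warn the user, refuse to show the login form, step up authentication).
fun listEnabledAccessibilityServices(context: Context): List<EnabledService> {
    val am = context.getSystemService(Context.ACCESSIBILITY_SERVICE) as AccessibilityManager
    return am.getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK).map { info ->
        EnabledService(
            id = info.id,
            packageName = info.resolveInfo.serviceInfo.packageName,
            // A service with this capability can read the text of every on-screen node, which is
            // exactly what Accessibility Service malware relies on to harvest credentials and PII.
            canRetrieveWindowContent =
                (info.capabilities and AccessibilityServiceInfo.CAPABILITY_CAN_RETRIEVE_WINDOW_CONTENT) != 0,
        )
    }
}

// Pure helper (easy to unit test): which enabled services fall outside the allowlist?
fun untrustedServices(
    enabled: List<EnabledService>,
    allowlist: Set<String> = TRUSTED_ACCESSIBILITY_SERVICES,
): List<EnabledService> = enabled.filter { it.id !in allowlist }

// Defence in depth on Android 14+ (API 34): the platform then hides this view's data from
// accessibility services it does not recognise as real assistive tools.
fun hideFromUntrustedAccessibility(view: View) {
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
        view.setAccessibilityDataSensitive(View.ACCESSIBILITY_DATA_SENSITIVE_YES)
    }
}
```

Run the audit when the login or transaction screen is created, not just at app start, because the user can enable a service while the app is in the background. Treat an untrusted service with canRetrieveWindowContent set as the strongest signal; a service without it can still inject input but cannot read the screen. Remember that legitimate users do depend on accessibility services, so the safe response is to explain the risk and offer a step-up path rather than silently blocking.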
Screen Overlay Attacks
A screen overlay attack is another tactic that cybercriminals use with growing frequency. In this technique, part of the app screen is covered by a fake, malicious window that the user is tricked into tapping or interacting with to commit mobile fraud. Victims think they are interacting with a legitimate app or service, but they are actually interacting with the overlay controlled by the attacker, which puts PII, transactions and other sensitive data at risk. A classic example of this type of attack is Cloak & Dagger, with more recent variants including Strandhogg and others.
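As an added example (not code from the article), the Kotlin snippet below shows the standard Android mitigation for the overlay technique just described: a view that refuses touches delivered while another window is drawn over it. The input system marks such touches with the FLAG_WINDOW_IS_OBSCURED and FLAG_WINDOW_IS_PARTIALLY_OBSCURED flags on the MotionEvent; the class name, the callback and the helper function are assumptions for illustration.

```kotlin
// Added example, not from the original article. Assumed names: ObscureAwareButton,
// onOverlayDetected, touchCameThroughOverlay.
import android.content.Context
import android.util.AttributeSet
import android.view.MotionEvent
import android.widget.Button

// Pure helper: does the MotionEvent carry one of the "obscured" flags the input system sets when
// another app's window overlaps the touch location? FLAG_WINDOW_IS_PARTIALLY_OBSCURED is API 29+.
fun touchCameThroughOverlay(flags: Int): Boolean {
    val obscured = MotionEvent.FLAG_WINDOW_IS_OBSCURED or MotionEvent.FLAG_WINDOW_IS_PARTIALLY_OBSCURED
    return (flags and obscured) != 0
}

// A "Confirm transfer" or "Log in" button that cannot be pressed through an overlay. The same
// protection can be declared in XML with android:filterTouchesWhenObscured="true" on any view.
class ObscureAwareButton @JvmOverloads constructor(
    context: Context,
    attrs: AttributeSet? = null,
) : Button(context, attrs) {

    // Invoked when a tap is dropped so the app can tell the user why nothing happened.
    var onOverlayDetected: (() -> Unit)? = null

    init {
        // The framework then discards any touch whose window is fully obscured
        // (FLAG_WINDOW_IS_OBSCURED). The override below also covers the partially-obscured case.
        filterTouchesWhenObscured = true
    }

    override fun onFilterTouchEventForSecurity(event: MotionEvent): Boolean {
        if (touchCameThroughOverlay(event.flags)) {
            onOverlayDetected?.invoke()
            return false // swallow the tap; the user may be pressing a fake button drawn on top
        }
        return super.onFilterTouchEventForSecurity(event)
    }
}
```

Apply this to every view that commits a transaction or accepts a credential, not only the final button. Note the caveat: benign apps (screen dimmers, chat heads, some accessibility aids) also set these flags, so dropping the touch and explaining it is the right response; treating every obscured touch as proven fraud is not.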
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.