Popular on eTradeWire
- British Entrepreneur Predicts Travel Will Bounce-Back in 2021 - 555
- Serial Entrepreneur Yahaira Marie overcomes poverty to create Global Community for Small Businesses - 456
- CedintheCity Presents a New Picture Book Series Teaching Global Diversity - 257
- Get Cozy with A Winter Getaway In the Long Beach Island Region - 230
- Latin Pop/Rock group Al Cielo - First Time Meeting In Person - 209
- Project Expedition Launches Shore Excursions Platform for Travel Advisors - 178
- Financial Solutions Inc. Receives the 2020 Best of Sheridan Wyoming Award - 143
- Rock Climbers Want Sick Shirts - 141
- Weddings Beautiful Worldwide announces Jacqueline Vazquez as new CEO - 140
- Moss Foundation Donates $75K to Children's Charities - 130
Similar on eTradeWire
- Gembah Sees Exponential Growth Year-Over-Year as eCommerce Industry Thrives
- Off Chain Games Brings Cryptocurrency to Mobile Gaming
- Bold partnership to protect valuable artworks and antiques
- Leading Coding School in Palm Beach County, Boca Code Hires Revered Digital Marketing Company Simply the Best Digital
- Mitchell Metal Products Signs on with Capital ePay Payment Gateway
- American Equus and Energous Announce Trials Completed for the World's First Wirelessly Charged Equine Health Tracking Sensor
- Detroit Based Startup MARUX™Accepted By Technology Accelerator Investment Platform
- GEO Jobe Welcomes Corey Baker as Sales Representative
- Ideanomics December and Q4 EV Sales Activity
- expEDIum Direct Pay®, seamless online payment added to iTech's expEDIum Medical Billing®
EclecticIQ and ThreatFabric investigation reveals evidence of malicious Android packages posing as legitimate Covid-19 contact tracing apps
eTradeWire News/10576940
Threat actors exploit consumer trust in legitimate government apps to plant malicious packages
AMSTERDAM - eTradeWire -- EclecticIQ, the global provider of cyber threat intelligence (CTI) technology solutions, has teamed up with fraud and cybercrime prevention experts at ThreatFabric to publish the findings of an investigation into instances of threat actors actively pushing malicious Android packages disguised as legitimate contact tracing applications.
Key analysis points by ThreatFabric and EclecticIQ reveal that:
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
More on eTradeWire News
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
More on eTradeWire News
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Key analysis points by ThreatFabric and EclecticIQ reveal that:
- Threat actors have been disguising Android packages as legitimate government-backed contact tracing applications for financial gain.
- There is evidence to suggest that actors have used repackaged commodity and open-source malware to lower the investment required in the observed campaigns.
- Third-party port forwarding, and secure tunneling services have probably been used to provide anonymization to command and control (C2) infrastructure.
- The Android packages were probably delivered through links pointing to phishing pages.
The findings of the report suggest that threat actors will almost certainly continue to use commodity and open source-based malware disguised as legitimate contact tracing applications for financial gain. The low barrier to entry provided by these tools and the continued rollout of contact tracing applications by nations, presents continued financial opportunity for cybercriminals into the near future. Malicious actors have shown their willingness to exploit the current pandemic by targeting legitimate contact tracing applications consistently in recent months. Samples analyzed by EclecticIQ and ThreatFabric researchers had an earliest estimated build time of April 12th, 2020 with the latest being June 23rd, 2020.
More on eTradeWire News
- TMRWLive! Virtual Experience:The Breeding Ground For Future Faith-Driven Millionaires™
- Charitable Giving Opportunity for Companies in Chicago: Sponsor A School Today!
- A. Barry Cappello and Leila Noël Selected to 2021 Southern California Super Lawyers List
- Simplii Consulting–The Home Services Industry's Newest Consulting Firm Launches Nationwide
- Gembah Sees Exponential Growth Year-Over-Year as eCommerce Industry Thrives
Peter Ferguson, Cyber Threat Intelligence Specialist at EclecticIQ's Fusion Center commented:
"Users should never download contact tracing android applications from links sent to them or from third party stores. If they are interested in downloading their nation's contact tracing application, they should use the official site or the Google Play Store."
Gaetan van Diemen, General Manager at ThreatFabric commented:
"Threat actors have become very efficient in tricking users into downloading and installing a phenomenal variety of malicious apps on their mobile devices. To avoid fraud and brand or reputation damage, we strongly recommend app developers and online service providers to adapt their security strategy based on the factual evolution of the mobile threat landscape."
Additional Resources:
- Read full report here
About EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients' cyber security focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments.
Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation and threat hunting, as well as incident response efforts. We tightly integrate our solutions with our customers' IT security controls and systems. EclecticIQ operates globally with offices in Europe, the United Kingdom and North America, and via certified value-add partners.
More on eTradeWire News
- The Los Angeles Small Business Development Center Launches Black Business Strategies Program
- MMP-13 Inhibitor Screening Kit (Fluorometric)
- Dr Peter Haxell of Forefront Acupuncture opens a new Chinese Medicine practice in Torqay Victoria
- Open Registration Latin Podcast Awards 2021
- 227's™ YouTube Chili' Nia Chili' Dennis "Spicy' BLACK Chili' EXCELLENCE!" UCLA #JORDAN'Spicy' NBA!
Learn more at www.eclecticiq.com
About ThreatFabric
ThreatFabric helps financial institutions protect their online services, stop fraud and enhance customer experience. Powered by threat intelligence, ThreatFabric's solutions offer a holistic approach to risk detection and fraud prevention. MTI (Mobile Threat Intelligence) provides global visibility and context on the mobile banking threat landscape. It is the threat intelligence solution to use to protect personal data, customers and brand from financially motivated threat actors. It includes the strategic overview of threats and context as well as all relevant technical indicators. CSD (Client Side detection) provides the answer to the constantly-evolving fraud landscape and regulatory challenges. An omnichannel solution that empowers financial institutions to pro-actively detecting known and unknown threats to mitigate fraud and build trust across their online services.
Learn more at www.threatfabric.com
Source: EclecticIQ
0 Comments
Latest on eTradeWire News
- Thomas Brown Honored With Respected Invitation
- Impeachment - Senator Leahy Presiding May Undercut Legitimacy
- Inspired by an Untamable and Generous Soul, White River Red Proves True Strength Comes From Within
- Used 2016 BMW 3 Series 328I For Sale
- NICR Hires New Quality Assurance Manager
- Innovative Environmental Technologies, Inc.(IET) Announces Teaming with AXXELLA, LLC
- Saint Mary's School Earns AP Computer Science Female Diversity Award
- SportLogic, Inc. Announces SportTourism Facility Design
- Beautiful black ebony Bosendorfer grand piano hammers for $53,125 at Ripley Auctions, January 16th
- Leigh Nash Set To Release New Single "Good Trouble" Friday, February 5
- Angie Politarhos Honored With Esteemed Invitation
- Decorating "Things" has never been easier!
- Animation Stars, Candyman, Third 'Last Fan Standing' Added To Wizard World Virtual Experiences
- MC Companies and Move For Hunger Announce Collaborative Effort to Fight Hunger Nationwide
- Black Used 2017 Nissan Rogue For Sale
- The Perfectionist Hairstylist, Feature Film
- Braces in Springfield from Exeter Orthodontics Help Straighten Teeth
- Judith Keim Releases New Women's Fiction Novel - The Desert Flowers - Rose
- Former Daymond John partner opens movie-themed smoothie shop in South Jersey
- More O2 to Slash COVID Deaths in Poor Countries