Hackers Targeting Android Browsers

A new McAfee research paper claims that hackers and cybercriminals are using mobile browsers as a new infection vector. Also, there's a reason why spammers target French and German Internet users with fake personal ads.

Android phones might be popular, but they're fertile territory for cybercriminals. According to a newly released McAfee report, phones are increasingly being infected by malware through mobile browsers.

Instead of hoping fake games or wallpaper apps make it through the industrial-strength bouncers at the Google Play store, shady criminal gangs in the U.S. and abroad are implanting hidden downloads in mobile-optimized web pages. Unfortunately, the tactic is working.

McAfee researchers found more than 4,500 pieces of new mobile malware in the second quarter of 2012, according to the report. This was a slight decrease from the first quarter of the year. The vast majority of the new malware discoveries were for Android phones, with a slight percentage instead designed for Symbian or Java ME. Barely any iPhone or iPad malware was discovered.

The latest discovery for criminals is how easy it is to infect unknowing users via mobile browsers for Android. A new piece of malware called Android/NotCompatible.A infected users who visited infected sites and were tricked into downloading fake files with names like "Android System Update 4.0.apk." Vulnerable users without much technical knowledge were caught unaware. Unfortunately, the security etiquette adopted by most desktop or laptop computer users has not yet migrated to mobile devices.

Pat Calhoun, McAfee's Senior Vice President and General Manager for Network Security, told Fast Company that one of the company's biggest worries right now is a general sea change among hackers and cybercriminals. Instead of seeking maximum disruption, the firm is now seeing more individuals being targeted. "Cybercriminals are getting a lot more creative; social media sites like Facebook are being used to collect info on a target within an organization […] Hackers are getting increasingly specific in what they are looking for and are becoming much more precise," Calhoun says.

Another portion of the report dives into something of deep sociological interest—the tactics used by spammers in different countries. Brazilian, Belarusian, German, Indian, and Russian email accounts are disproportionately flooded with drug spam. While those countries might constitute the Viagra/Cialis/Xanax belt, American email accounts are instead flooded with fake email delivery delay errors. Meanwhile, spammers love targeting French and German email accounts with letters of introduction from single women.

During the second quarter of 2012, McAfee researchers found approximately 2.7 new malware-infected URLs per month.

According to rival Norton's annual cybercrime report, which was released today, 46% of adult Internet users have fallen victim to cybercrime in the past year. This number includes malware, viruses, hacking, scams, fraud, and theft. 31% of mobile users worldwide have been targeted by malware or rogue SMS message schemes.

[Bottom Image: McAfee]

For more stories like this, follow @fastcompany on Twitter. Find Neal Ungerleider, the author of this article, on Twitter and Google+.

Add New Comment


  • Greeyps Greeyps

    Cyber criminals are increasingly becoming more cunning and advanced than ever before.Many users are falling prey as they don't have a basic working knowledge and understanding of cyber security issues or their just ignorant of the advice given.Its high time there is global collaboration to combat cyber attacks and crimes.

    By Greeyps

  • Vietprincess80

    I read the first 5 words of this article and know that it is BULLSH!T:

    "A new *McAfee* research paper..."

    Of course they want to scare you of this (non-existent) disease because they sell the cure.

    This also shows you the integrity of Fast Company "news" articles. They were probably paid by McAfee to run this article.

    That's just how mainstream "news" media works nowadays. Independent news is sadly becoming a thing of the past.

  • HackDefendr

    I keep reading all these warnings...but as of today, and 3 different Android phones, and 2 different Android tablets -- I have yet to get any Spam, No security related attacks, nothing.

    Mainstream Tech Media is full of hype and just trying to scare the consumers.

    But who's agenda is it really?