How Information Stealing using malware?

How Information Stealing using malware?

Leave a Comment / Cloud Application Security, Cloud Data Security  / By

There are no ways to prevent malware attacks but there are reliable ways to detect and block attacks, thus protecting your systems from being infected by malicious software.

The below mention graphs depict the growth in mobile malware. 

Old mobile malware
Old mobile malware

New Mobile malware

New Mobile malware
New Mobile malware

While the numbers vary on the exact scale of the issue, what the two graphs should do is leave the you in no doubt that here we have two organizations that compete commercially but agree that the growth of mobile malware is of significant concern.

Furthermore, mobile malware is predicted to continue growing. According to McAfee Labs,

In the last two quarters reported, new PC malware growth was nearly flat, while appearances of new Android samples grew by 33%.

While McAfee Labs expects this trend to continue in 2014 it’s not just the growth rate in new mobile attacks that will make news.

We also expect to see entirely new types of attacks targeting Android.”

The examples cited in the Mobile Threats research are Zitmo, which is based on the Zeus malware intended to steal mobile transaction authorization numbers (mTANs) that are used for mobile e-banking. 

According to Kaspersky, Zitmo malware works in the following fashion:

  1. Cybercriminals use the PC-based ZeuS to steal the data needed to access online banking accounts and client mobile phone numbers.
  2. The victim’s mobile phone (see point 1) receives a text message with a request to install an updated security certificate or some other necessary software. However, the link in the text message will actually lead to the mobile version of ZeuS.
  3. If the victim installs the software and infects his phone, then the malicious user can then use the stolen personal data and attempt to make cash transactions from the user’s account but will need an mTAN code to authenticate the transaction.
  4. The bank sends out a text message with the mTAN code to the client’s mobile phone.
  5. ZitMo forwards the text message with the mTAN code to the malicious user’s phone.
  6.  The malicious user is then able to use the mTAN code to authenticate the transaction.

This of course is merely the tip of the iceberg regarding mobile-based malware, with others not only targeting the data on the mobile device but also, in the case of NickSpy, recording conversations and uploading them to a remote server. 

Alternatively, in the case of Dendriod, the ability to “take pictures using the phone’s camera, record audio, and video, download existing pictures, record calls, send texts, and more.”

Of course, one of the many reasons that mobile malware is growing at such an exponential rate is the relatively low adoption rate among users of security software. 

According to a survey conducted by the National Cyber Security Alliance, three-quarters of US respondents have not installed security software on their smartphones.

Top 10 Security Tips for Malware Prevention

According to Netwrix Corporation

1. Control access to systems.

There are multiple ways to regulate your networks to protect against data breaches:

  • Install or implement a firewall, intrusion detection system (IDS), and intrusion prevention system (IPS).
  • Never use unfamiliar remote drives or media that were used on a publicly accessible device.
  • Close unused ports and disable unused protocols.
  • Remove inactive user accounts.
  • Carefully read all licensing agreements before installing software.

2. Keep software updated.

No software package is completely safe against malware. However, software vendors regularly provide patches and updates to close whatever new vulnerabilities show up.

As a best practice, validate and install all new software patches:

  • Regularly update your operating systems, software tools, browsers, and plug-ins.
  • Implement routine maintenance to ensure all software is current and check for signs of malware in log reports.

3. Use administrator accounts only when absolutely necessary.

Malware often has the same privileges as the active user. Non-administrator accounts are usually blocked from accessing the most sensitive parts of a computer or network system. Therefore:

  • Avoid using administrative privileges to browse the web or check email.
  • Log in as an administrator only to perform administrative tasks, such as to make configuration changes.
  • Install the software using administrator credentials only after you have validated that the software is legitimate and secure.

4. Use secure authentication methods.

The following best practices help keep accounts safe:

  • Require strong passwords with at least eight characters, including an uppercase letter, a lowercase letter, a number, and a symbol in each password.
  • Enable multi-factor authentication, such as a PIN or security questions in addition to a password.
  • Use biometric tools like fingerprints, voiceprints, facial recognition, and iris scans.
  • Never save passwords on a computer or network. Use a secure password manager if needed.

5. Install anti-virus and anti-spyware software.

Anti-virus and anti-spyware programs scan computer files to identify and remove malware. Be sure to:

  • Keep your security tools updated.
  • Immediately remove detected malware.
  • Audit your files for missing data, errors, and unauthorized additions.

6. Adhere to the least-privilege model.

Adopt and enforce the principle of least privilege: Grant users in your organization the minimum access to system capabilities, services, and data they need to complete their work.

7. Limit application privileges.

A hacker only needs an open door to infiltrate your business. Limit the number of possible entryways by restricting application privileges on your devices. Allow only the application features and functions that are absolutely necessary to get work done.

8. Implement email security and spam protection.

Email is an essential business communication tool, but it’s also a common malware channel. To reduce the risk of infection:

  • Scan all incoming email messages, including attachments, for malware.
  • Set spam filters to reduce unwanted emails.
  • Limit user access to only company-approved links, messages, and email addresses.

10. Educate your users.

At the end of the day, people are the best line of defense. By continually educating users, you can help reduce the risk that they will be tricked by phishing or other tactics and accidentally introduce malware into your network. In particular:

  • Build awareness of common malware attacks.
  • Keep users up to date on basic cybersecurity trends and best practices.
  • Teach users how to recognize credible sites and what to do if they stumble onto a suspicious one.
  • Encourage users to report unusual system behavior.
  • Advise users to only join secure networks and to use VPNs when working outside the office.

9. Monitor for suspicious activity.

Monitor, all user accounts for suspicious activity. This includes:

  • Logging all incoming and outgoing traffic
  • Baselining normal user activity and proactively looking for aberrations
  • Investigating unusual actions promptly

Conclusion

Malware infections can be devastating for organizations. By interrupting critical workflows and stealing or encrypting crucial data, malware can cause serious financial and reputation damage. Use the 10 tips detailed here to protect yourself and your business from malware infection. Also, perform regular backups to offline storage to make sure you can restore your data from a backup if malware hits your environment.

Related Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top