Protecting against Mobile Attacks

Transcription

1 2014-APR-17 Protecting against Mobile Attacks Frankie Wong Security Analyst, HKCERT 1 Image source:

2 2 Agenda Attacks moving to mobile Birthday to mobile malware Mobile malware trend Protect your devices HKCERT Supports Q & A Image source:

3 3 Attacks moving to mobile Image source:

4 4 Attacks moving to mobile Why?

5 5 Attacks moving to mobile 1. Mobile devices are connection-enabled 2. Valuable data 3. Valuable resource 4. High penetration 5. Smart OS eco-system

6 6 Attacks moving to mobile 1. Mobile devices are connection-enabled 3G/LTE Wi-Fi Bluetooth NFC Camera QR Code GSM SMS Image source:

7 7 Attacks moving to mobile 2. Valuable data Phone information IMEI, Phone number, SMS history, etc. Contact list Social engineering, Spam database Geo-location information Spy, Track history Images/Camera Spy, Surrounding environment Documents *.doc; *.pdf Image source:

8 8 Attacks moving to mobile 3. Valuable resource High speed CPU Powerful computing Always-On Internet connection Image source:

9 9

10 10 Attacks moving to mobile 4. High penetration Image source:

11 11 Attacks moving to mobile 5. Smart OS eco-system App store market Easy access Simple install Awareness Permission review Security tools PC threats in mobile: , links, browsers, flash, etc.

12 12 Birthday to mobile malware Image source:

13 13 Birthday to mobile malware How old? 10 Years

14 14 Birthday to mobile malware Image source:

15 15 Birthday to mobile malware Propagation via Bluetooth Propagation mix with MMS Premium SMS Mobile botnet Banking Trojan PC-mobile cross infection Ransomware

16 16 Mobile malware trend Image source:

17 17 Mobile malware trends Image source:

18 18 Mobile malware trends Premium SMS Mobile botnet Cross platform infection Ransomware CryptoCurrency Miner

19 19 Mobile malware trends Premium SMS Image source:

20 20 Mobile malware trends Mobile botnet (2009) SMS attacks on iphones (2011) DroidDream compromised Android (2012) Zitmo (Zeus-in-the-mobile) targeted Blackberry and Android Image source:

21 21 Mobile malware trends Mobile botnet (2014) idroidbot targets phones running ios 7.1 and earlier as well as Android 2.2 and later Support web administration Support TOR (anonymous) / proxy connection Tap mobile wallets Visa QIWI Wallet WebMoney Keeper Mobile Yandex Image source:

22 22 Mobile malware trends Mobile botnet Image source:

23 23 Mobile malware trends Cross platform infection Android malware infects Windows (2013) Auto-Run attack Windows malware infects Android devices (2014) adb (Android debug bridge) push Image source:

24 24 Mobile malware trends Ransomware Blackmail: Fake Anti-virus on Android (2013) Fraud: Fake Anti-virus Virus Shield on Android (2014) Image source:

25 25 Mobile malware trends CryptoCurrency Miner BitCoin / LiteCoin / DogeCoin [2014-Mar] CryptoCurrency mining malware found in Play Store Image source: Image source:

26 26 Protect your devices Image source:

27 27 Protect your devices How? What?

28 28 Protect your devices Things to protect Information Device information Personal information Resource Network resource CPU resource Image source:

29 29 Protect your devices used by ad libraries to geo-target ads. for spyware, it provides location data data helps botnets keep track of their bots. Image source:

30 30 Protect your devices Identify the enemy 1. Phishing 2. Malware 3. Vulnerability Image source:

31 31 Protect your devices Against Phishing 1. Against Phishing Shorten URL / Long Domain / SMS / IM message (e.g. WhatsApp, LINE, WeChat, etc.) Social networking website (e.g. Facebook) Advertisements QR-Code / NFC Wi-Fi / Bluetooth connection AWARE

32 32 Protect your devices Against Phishing [2014-Apr] Apple ID Phishing Scam Image source:

33 33 Protect your devices Against Malware 2. Against Malware Don t install untrusted apps Don t download from the 3 rd party markets

34 34 Protect your devices Against Malware Re-package the legitimate app with additional permissions Image source:

35 35 Protect your devices Malware in Play Store ~ 0.1% Install apps only from the official store Against Malware Image source:

36 36 Protect your devices Against Malware Disable installation from Unknown sources Image source:

37 37 Protect your devices Install mobile security tools Against Malware Image source:

38 38 Protect your devices Against Vulnerability 3. Against Vulnerability Keep your System up-to-date Always update your Apps

39 39 Protect your devices Against Vulnerability [2013-Jul] Vulnerability in WhatsApp for Android Priyanka worm spreading Image source:

40 40 Protect your devices Against Vulnerability [2014-Feb] ios flaw allows malicious apps to record touch screen presses Image source:

41 41 Protect your devices Conclusion Beware of phishing message Install apps from official store Review permissions before apps installation Keep your System/Apps up-to-date Install mobile security tools Image source:

42 42 HKCERT Supports HK Google Play Store s Apps Security Risk Report ( Monthly report, 1st released in Jul-2013 HKCERT + NINIS in China Detect malicious/suspicious behaviors apps in Hong Kong Google Play Store

43 43 HKCERT Supports Guidelines on Mobile Guideline of Mobile Security BYOD Security Guidelines NFC Security Guidelines

44 Q&A Thank you Website: Hotline: