It turns out we had no idea how popular and prevalent mobile malware is, and how much it is in use for surveillance and espionage campaigns. In reality, there are many active actors and advanced persistent threats we never knew existed.
There are a lot of apps you can download on Apple’s App Store and the Google Play Store. That’s obvious. What’s not so obvious is that even though both companies do a pretty good job of (mostly) catching malware apps, there are still plenty that sneak through because they just toe the line between scammy and barely helpful.
It’s not just botnets that can hijack PCs for nefarious ends. Microsoft and Cisco’s Talos researchers have identified a new malware strain, Nodersok (or Divergent), that uses web apps to turn systems into proxies for malicious internet traffic.
A noticeable shift in the methodology for developing malware is taking place, and it can’t go unaddressed. A few years ago, attackers’ primary objective was to avoid detection – second only to making a profit. But recently, these criminals have realized a critical truth: the longer they hold an infected endpoint, the more their profit increases.