Recently, the number of attacks on smartphones has been increasing significantly. Cybercriminals don’t target you by accident. Payments and other transactions on bank accounts are often confirmed via telephones. So if attackers manage to take control of a mobile device, they usually get a bank account served on a golden platter.
This year, adware in particular is spreading massively on mobile phones. These are malicious codes that annoy users by displaying excessive advertisements.
“Since the very beginning, this aggressive malicious ad has followed the same and probably still working strategy – it spreads through different versions of well-known games and is most often encountered in one third-party store, i.e. outside the official Google Play store. Typically, this can be a situation where we search for the game we want to download via a search engine, and not directly at the official distribution points,” said Martin Jirkal, head of the analytical team at the Prague branch of Eset.
Fraudsters abuse Aukro. This is how they rip off the gullible
Safety
Until now, Andreed adware, which is currently the most widespread threat for the Android platform, was most often spread through the game Bridge Constructor, in January the attackers disguised it as the title Tower Conquest. The problem, according to security experts, is the fact that attackers target all age categories of users through modified games – for example, even children.
They spread other viruses
Security experts have also noted increased activity in the case of the Agent KMZ dropper. This malicious code also targets players. “Dropper Agent KMZ currently takes the form of a modification recorder, abbreviated mods for applications, we most often discovered it in January as a modification for the game Zombie War Idle Defense or a modification for the well-known game Archero,” stated the security expert.
Droppers are malicious codes that are used to deliver other viruses to the infected device. “On closer analysis, we found that this current campaign did indeed distribute malicious code in some cases – we’re confident that adware was being distributed through it, and we can’t rule out other, more serious malware,” explained Jirkal.
Windows computers are most often terrorized by spyware. This is the name given to malicious code that got into a computer without the knowledge of its owner and continues to send information about it – in essence, it steals it. This information may relate to passwords used, access to bank accounts, etc.
They promise easy riches and miracle cures. Then they rip off the trusty
Safety
Spyware is getting stronger
This is exactly the task of Agent Tesla, which is ranked first in viral statistics. But it also applies to the second most frequently detected threat – the Formbook spyware.
“Spyware Agent Tesla strengthened by several percent in January. While in December, security specialists detected it in roughly a tenth of all cases, in January the total number of detections had already increased to 15.14% of all detected threats for the Windows operating system in the Czech Republic,” the security expert stated.
Viruses are most often spread through spam emails and also through fake websites. “In the Czech Republic, we can observe alternating campaigns that are either conducted globally, in English, or that try to adapt locally to local users by using Czech translations, which, however, are usually not correct and can alert users to the fact that something is not right,” explained the current the security situation in the country of Jirkal.
“Malware is constantly evolving and so are attack strategies. We anticipate that attackers may also invest in more reliable language translations in the future. In recent weeks, there has also been a discussion about the generation of spam with the help of artificial intelligence algorithms, but we can rather count on the fact that in the coming years English will prevail and the text into Czech will be translated more by machine,” the security expert added.
It spreads through notes. A dangerous virus opens a backdoor to Windows
Safety
The help of artificial intelligence
In addition, the cyber security company Check Point warned that there will be even more malicious codes this year. Hackers have enlisted the help of artificial intelligence, for example, the ChatGPT chatbot helps them create more sophisticated encryption tools, through which they block a computer remotely. And this despite the fact that the creators of ChatGPT try to fight against it.
“Artificial intelligence will certainly be one of the main topics of 2023. AI technologies help protect against cyber threats, but at the same time we see a great interest of cybercriminals in ChatGPT, for example,” warned Petr Kadrmas, security expert at Check Point.
According to him, “hackers are trying to use this available technology to write malicious code, and even if the current attempts are quite simple, it’s only a matter of time before professional hacking groups start using AI tools in a much more sophisticated way.”
A phenomenon called ChatGPT
Artificial intelligence has taken center stage with the development of ChatGPT. This chat system can generate a variety of texts including articles, essays, jokes and poetry based on simple queries. ChatGPT learns to respond to user input and, like humans, learns from large amounts of data.
In March this year, a more advanced GPT-4 artificial intelligence model was introduced. It should be able to provide safer and more useful answers and pave the way for the spread of human-like technologies.
ChatGPT is behind OpenAI, a start-up funded by Microsoft.
For example, already at the end of last year, a thread called “ChatGPT – the advantages of malware” appeared on one popular hacking forum. The author of the post shared with other computer hackers his experience of creating malware communities through a popular chatbot.
“For example, he was able to generate a basic theft tool that searches the system for 12 common file types – such as MS Office documents, PDFs and images. If interesting files are found, the malware copies them to a temporary directory, zips them, and sends them over the web. However, the files are sent in an unencrypted form, so they can also get into the hands of third parties. Another script could easily be modified to download and run any program, including common malware,” Kadrmas said.
This is alarming, according to security experts. Indeed, artificial intelligence can obviously be used by less technically savvy individuals to create the same sophisticated malicious code that seasoned hackers routinely use in their attacks.
Hackers have found a new helper. Artificial intelligence
Safety
Free tools
At the same time, according to security experts, tens of thousands of various malicious codes and their modifications are already circulating on the Internet. They can eavesdrop on users remotely, monitor their work, but can easily and skillfully bypass authentication mechanisms in internet banking.
Programs, each of which specializes in something different, help to detect such garbage on a computer or smartphone. Some can deal with Trojan horses or spyware, while others detect so-called keyloggers (programs that record keystrokes).
The price of such applications usually ranges from 500 to several thousand crowns. In addition, there are also free alternatives, which most often companies only offer for trial and only want to pay for a more advanced version. But also so that they can display advertising in them and thus earn money.
The results of tests of free and paid applications differ, in some even free programs win.
Only one security program of its kind should be installed on a PC at a time. Two antiviruses can make a nice mischief. The same also applies to firewalls and antispyware.
Ten of safe internet
1. Regular updates of the entire computer are important. These must be downloaded for the operating system, security gateway (firewall), antivirus and other programs.
2. Some viruses can block security software on a PC. Therefore, it is advisable to regularly check whether it is working.
3. Malware is often spread through spam. If you don’t know who the email is from, never download its attachment or click on any links.
4. Be wary of emails that ask you to log in to a website and update your account information.
5. When entering access passwords on websites, it is necessary to check whether the website is secure. You can recognize this, for example, by the lock icon on the bar of the Internet browser or by the fact that the website address begins with the abbreviation https, where “s” means secure.
6. Only enter sensitive personal information on websites that you know are safe.
7. Emails do not include confidential information such as credit card numbers or bank account passwords. E-mail can be intercepted by an attacker.
8. The firewall makes it possible to better secure the operating system. Less experienced users should definitely not turn it off. In case of insufficient knowledge, it is advisable to let it work in automatic mode.
9. Do not log in to internet banking in internet cafes and on other people’s computers. Keyloggers may be installed on your computer.
10. Caution is required when connecting to unencrypted wireless networks. Anyone can eavesdrop on them and gain access to all the data on someone else’s computer.
