If there’s one thing we can count on it’s the tenacity and resourcefulness of cybercriminals. SandBlast Mobile threat researchers recently identified two new trends emerging in the global hacking community.
First, cybercriminals have recently begun developing mobile permutations of existing zero-day malware. One recent case involved a mobile remote access Trojan (mRAT) that was spotted on the device of the chief security officer of a major European bank. An mRAT allows an attacker to remotely access an infected device and gather information from all its sensors, such as the camera, microphone, message and call directories, and much more. mRATs are typically used to surveil mobile users in espionage operations.
The malware found on the device of the bank’s security officer was a strain of Ispyoo, based upon an existing framework sold commercially as “parental protection” under different names, such as Copy9, OmegaSpy and many more. Yes, that was on the security officer’s phone …
The second trend observed by Check Point researchers is the rise of targeted SMS phishing attacks. SMS phishing generally involves a text message with a single link to a fake account login page. But new SMiShing tactics use a text message with a link that when accessed downloads zero-day malware. SMS phishing, targets consumers and enterprises alike and actors are introducing new techniques to increase its effectiveness. These SMiShing attacks are used to steal users’ credentials to access corporate networks and applications.
As readers of this space know, Check Point continually analyzes cyberthreats in the wild and assesses hackers’ tactics in the mobile domain. This threat research naturally informs Check Point’s product development. That is why SandBlast Mobile is the leading mobile threat defense solution for preventing sophisticated mobile cyberattacks on businesses and government agencies. Its technology protects against device, apps, and in-network threats, scoring the industry’s highest threat catch rate.
Today’s SandBlast Mobile announcement highlights three exciting, new capabilities, namely:
- On-device artificial intelligence detection to instantly prevent the installation of zero-day malware. In less than five seconds SandBlast Mobile detects malware with a 0.009% false positive rate, even when the device is without an Internet connection. SandBlast Mobile still does a great deal of work in the cloud, such as correlating signatures, sandboxing apps, advanced code analysis and threat reputation; but the use of on-device AI to prevent infection by malware is a quantum leap in mobile device technology.
- SMiShing prevention on both iOS and Android.
The technology leverages Check Point Threat Cloud, the world’s largest threat intelligence network to identify the URLs of phishing sites. Every SMS message that contains a link is anonymously checked against ThreatCloud. When a SMiShing link is identified, the user and system administrators are instantly notified.
- A new content-rich app that allows users to monitor and control device security.
The SandBlast Mobile app puts the user in control of the safety of their device. Dashboards show whether your device, network and apps are protected, and alerts you when you’re under attack and what action to take. The sleek, new design engages and empowers users and helps foster adoption across organizations. SandBlast Mobile customers are already enjoying the new app experience, and the positive feedback has been remarkable.
I encourage you to take SandBlast Mobile for a spin in your own environment and schedule a demo today.