Friday, September 23, 2016

The Rise of Mobile Malware - A Retrospective

With, mobile, malware, continuing, to, proliferate, cybercriminals, continue, getting, successfully, positioned, to, take, advantage, of, hundreds, of, thousands, of, socially, engineering, users, on, their, way, to, earn, fraudulent, revenue, in, the, process, of, monetizing, access, to, their, devices, potentially, compromising, the, confidentiality, integrity, and, availability, of, their, devices, on, their, way, to, earn, fraudulent, revenue, in the, process. 

Thanks, to, a vibrant, cybercrime, ecosystem, offering, access, to, a, variety, of, managed, cybercrime-friendly, services, next, to, the, overall, availability, of, DIY (do-it-yourself), type, of, malicious, software, generating, tools, cybercriminals, continue, getting, successfully, positioned, to, take, advantage, of, hundreds, of, thousands, of, socially, engineered, users,
on, their, way, to, monetize, access, to, their, devices, and, earn, fraudulent, revenue, in, the, process.

Largely, relying, on, a, set, of, socially, engineering, attack, vectors, cybercriminals, continue, successfully, infiltrating, and, bypassing, Google Play, the, Web's, most, popular, Android, applications, marketplace, on, their, way, to, earn, fraudulent, revenue, in, the, process, successfully, tricking, hundreds, of, thousands, of, users, into, successfully, executing, malicious, software, on, their, devices.

Thanks, to, a, vibrant, cybercrime-friendly, ecosystem, offering, a, variety, of, managed, services, including, the, compromise, of, a, legitimate, publisher's, Google Play, account, cybercriminals, continue, successfully, infiltrating, Google Play, successfully, earning, fraudulent, revenue, in, the, process, while, tricking, tens, of, thousands, of, socially, engineered, users, into, executing, malicious, software, on, their, devices.

Largely, relying, on, the, active, abuse, of, access, to, a, malware-infected, hosts, cybercriminals, continue, successfully, utilizing, basic, data, mining, techniques, to, successfully, obtain, access, to, a, set, of, Web, properties, including, but, not, limited, to, Google Play, for, the, purpose, of, successfully, earning, fraudulent, revenue, in, the, process. Largely, relying, on, basic, traffic, segmentation, tactics, cybercriminals, are, successfully, positioned, to, obtain, access, to, a, legitimate, Google Play, publisher's, account, for, the, purpose, of, successfully, monetizing, access, to, a, particular, publisher's, account, on, their, way, to, spread, malicious, software, and, earn, fraudulent, revenue, in, the, process.

These, basic, social, engineering, type, of, attack, techniques, continue, successfully, empowering, cybercriminals, with, the, necessary, tactics, techniques, and, procedures, successfully, bypassing, Google Play's, security mechanisms, on, their, way, to, spread, malicious, software, and, earn, fraudulent, revenue, in, the, process, of, obtaining, access, to, a, particular, publisher's, Google Play, account.

Next, to, the, general, compromise, of, a, legitimate, publisher's, Google Play, account, cybercriminals, are, successfully, positioned, to, take, advantage, of, primary, Android, applications, marketplaces, such, as, Google, Play, for, the, purpose, of, successfully, establishing, rogue, publisher's, reputations, successfully, relying, on, a, set, of, cybercrime-friendly, managed, underground, type, of, managed, cybercrime-friendly, services, offering, access, to, Google, Play, for, the, purpose, of, successfully, monetizing, access, to, a, particular, publisher's, account, largely, relying, on, a, set, of, social, engineering, attack, vectors, in, combination, with, the, use, of, cybercrime-friendly, managed, DIY (do-it-yourself), type, of, managed, cybercrime-friendly, services, successfully, monetizing, access, to, a, particular, publisher's, account, for, the, purpose, of, earning, fraudulent, revenue, in, the, process, while, successfully, infiltrating, the, Web's, most, popular, Android, marketplace, Google, Play.

Next, the, general, compromise, of, a, legitimate, publisher's, Google, Play, account, next, to, the, general, infiltrating, of, Google, Play, for, the, purpose, of, pushing, malicious, software, to unsuspecting, users, cybercriminals, continue, actively, relying, on, a, set, of, underground, market, cybercrime-friendly, secondary, marketplaces, offering, access, to, hundreds, of, thousands, of, rogue, Android, applications, successfully, bypassing, a, socially, engineered, user's, security, device, security, mechanisms, on, their, way, to, earn, fraudulent, revenue, in, the, process, while, successfully, monetizing, access, to, a, particular, compromise, device, on, their, way, to earn, fraudulent, revenue, in, the, process. 

With, secondary, marketplaces, continuing, to, proliferate, cybercriminals, continue, earning, fraudulent, revenue, in, the, process, of, monetizing, and, obtaining, access, to, a, socially, engineered, user's, compromised, device. Largely, relying, on, a, set, of, black, hat, SEO (search engine optimization) tactics, cybercriminals, continue, actively, populating, secondary, marketplaces, with, hundreds, of, thousands, of, rogue, applications, potentially, exposing, the, confidentiality, integrity, and, availability, of, a, socially, engineered, user's, compromised, device, for, the, purpose, of, earning,
fraudulent, revenue, in, the, process. With, secondary, marketplaces, continuing, to, bypass, a, socially, engineered, user's, device, security, for, the, purpose, of, earning, fraudulent, revenue, in, the, process, cybercriminals, continue, to, successfully, bypass, an, affected, user's, device, security, for, the, purpose, of, earning, fraudulent, revenue, in, the, process.

Thanks, to, a vibrant, cybercrime-friendly, ecosystem, cybercriminals, continue, to, successfully, infiltrate, primary, and, secondary, marketplaces, with, hundreds, of, malicious, releases, thanks, to, the, overall, availability, of, DIY (do-it-yourslef), malicious, software, generating, tools, next, to, the, overall, availability, of, managed, cybercrime-friendly, services, successfully, empowering, cybercriminals, with, the, necessary, tactics, techniques, and, procedures, for, the, purpose, of, launching, malicious, attacks, successfully, bypassing, a, primary, and, secondary, marketplaces, security, mechanisms, in, place. Next, to, the, overall, availability, of, DIY (do-it-yourself), type, of, malicious, software, generating, tools, cybercriminals, continue, to, actively, take, advantage, of, managed, malware-as-a-service, type, of, managed, cybercrime-friendly, services, for, the, purpose, of, successfully, generating, malicious, software, type, of, cybercrime-friendly, releases, successfully, bypassing, primary, and, secondary, marketplaces, security, mechanisms, in, place. 

Among, the, most, popular, features, of, such, type, of, managed, cybercrime-friendly, type, of, managed, cybercrime-friendly, type, of, services, remain, the, active, infiltration, of, primary, and, secondary, marketplaces, including, the, active, verification, of, a, particular, malicious, release, against, the, most, popular, antivirus, scanners, successfully, ensuring, the, sucess, rate, for, a, particular, malicious, campaign, while, earning, fraudulent, revenue, in, the, process, on, their, way, to, successfully, infiltrate, a, socially, engineered, user's, device, while, earning, fraudulent, revenue, in, the, process.

Among, the, most, popular, traffic, acquisition, tactics, remain, the, active, utilization, of, underground, market, traffic, exchanges, for, the, purpose, of, successfully, monetizing, and, acquiring, the, hijacked, traffic, for, the, purpose, of, successfully, spreading, malicious, software, to, unsuspecting, users, globally, while, earning, fraudulent, revenue, in, the, process, on, their, way, to earn, fraudulent, revenue, in, the, process. Next, to, the, active, traffic, acquisition, tactics, thanks, to, the, overall, availability, of, underground, market, traffic, exchanges, cybercriminals, continue, to, actively, rely, on, basic, traffic, segmentation, tactics, for, the, purpose, of, serving, malicious, software, to, unsuspecting, users, while, earning, fraudulent, revenue, in, the, process. 

Continuing, to, rely, on, basic, traffic, segmentation, tactics, cybercriminals, continue, to, successfully, acquire, and, monetize, hijacked, traffic, successfully, monetizing, access, to, hundreds, of, thousands, of, socially, engineered, users, globally, potentially, exposing, the, confidentiality, integrity, and, availability, of, their, devices, to, a, multi-tude, of, malicious, software, while, earning, fraudulent, revenue, in the, process. Among, the, most, popular, growth, factors, for, the, purpose, of, earning, fraudulent, revenue, in, the,
process, remain, the, active, utilization, of, affiliate-network, type, of, rogue, software, generating, type, of, networks, successfully, bypassing, the, security, mechanisms, of, primary, and, secondary, marketplaces, successfully, empowering, cybercriminals, with, the, necessary, tactics, techniques, and, procedures, for, the, purpose, of, earning, fraudulent, revenue, in, the, process, while, successfully, monetizing, access, to, hundreds, of, thousands, of, malware-infected, devices, globally.

Next, to, the, active, traffic, acquisition, tactics, for, the, purpose, of, earning, fraudulent, revenue, while, monetizing, access, to, socially, engineered, user's, devices, globally, cybercriminals, continue, to, actively, monetize, access, to, hundreds, of, thousands, of, compromised, Web sites, successfully, monetizing, access, in, an, automated, fashion, largely, relying, on, managed, and, automated, Web, site, exploitation, tools, and, services, successfully, bypassing, the, security, and, confidentiality, and, integrity, and, availability, of, hundreds, of, socially, engineered, users, globally. 

Once, a, particular, cybercriminal, compromises, a, legitimate, Web sites, in, an, automated, fashion, he, would, automatically, launch, a, malicious, campaign, successfully, bypassing, the, security, confidentiality, and, availability, of, hundreds, of, socially, engineered, users, globally, for, the, purpose, of, earning, fraudulent, revenue, in, the, process, while, successfully, monetizing, access, to, a, variety, of, users, globally, for, the, purpose, of, earning, fraudulent, revenue, in, the, process, while, successfully, monetizing, access, to, hundreds, of, thousands, of, users, globally, for, the, purpose, of, earning, fraudulent, revenue, in, the, process.

Thanks, to, the, overall, availability, of, malicious, software, generating, tools, managed, cybercrime friendly, services, the, overall, prevalence, of, cybercrime-friendly, underground-marketplace, traffic, exchanges, and, the, automated, exploitation, of, hundreds, of, thousands, of, legitimate, Web sites, in, an, automated, fashion, cybercriminals, continue, to, successfully, monetize, and, earn, fraudulent, revenue, in, the, process, of, obtaining, access, to, a, targeted, user's, device, for, the, purpose, of, successfully, bypassing, the, confidentiality, availability, and, integrity, of, the, targeted, user's, device, successfully, monetizing, and, earning, fraudulent, revenue, in, the, process. 

Thanks, to, the, overall, availability, of, managed, affiliate-based, type, of, cybercrime-friendly, services, cybercriminals, continue, to, successfully, monetize, and, obtain, access, to, hundreds, of, thousands, of, managed, cybercrime-friendly, type, of, compromised, devices, successfully, monetizing, and, earning, fraudulent, revenue, in, the, process, while, successfully, bypassing, the, confidentiality, availability, and, integrity, of, the, targeted, devices, while, successfully, monetizing, the, socially, engineered, user's, device, for, the, purpose, of, launching, malicious, software, type, of, malicious, campaigns, globally.