Published 4:08 pm Tuesday, July 25, 2023
By Cal Bryant
(Editor’s Note: The majority of this column was written, by me, in September of 2016. You will note near the bottom portion of the column where I have interjected a present-day version of such malware attacks.)
A few years back, a friend in the banking business told me that while the vault in his brick-and-mortar building was safe from attack, the real threat wasn’t muscle-bound men wearing body armor and brandishing weapons, but rather some lazy geek sitting in his underwear in the basement of his home staring at a computer screen.
According to the Wall Street Journal, my friend is correct.
Cybersecurity experts told the WSJ there is an uptick in breaches of individual bank accounts thanks to a new round of malware that specifically targets smartphones.
Malware programs with names like Acecard and GM Bot are now the darlings of the criminal underground. And it’s little wonder why — the use of mobile banking apps is up 10 percent from 2011. The Federal Reserve reports over 50 percent of smartphone users have used them to access their bank accounts in the last 12 months.
So the criminals naturally migrate to where the money is. ATM skimmer scams and credit card breaches are so last year, apparently!
The new types of smartphone-specific malware are built to steal your log-in credentials and they target both Android and iOS. Just days ago, Apple had to put out word to its customer base that a new patch was available for three recently discovered iOS exploits.
How does the malware get on your phone?
Malware programs like Acecard and GM Bot can show up on your phone if you click a virus-laden text message from an unknown party or if you accidently hit a “scammy” ad on a website.
So, what does the malware do once it secretly loads itself on your smartphone? Experts say it just hangs out…. waiting until you access any financial apps. When you do, it comes alive and creates a virtual copy of the authentic banking app to trick you into thinking you’re at the right place to log on. You enter your info and bam…it’s captured by the criminals.
Cybersecurity experts told the WSJ of nine ways that smartphone owners can protect their valuable banking information.
UPDATE: 2023
According to safetydetectives.com, the most dangerous virus and malware threats in 2023 are as follows:
Ransomware encrypts your files until you pay a ransom to the hackers. “Clop” is one of the latest and most dangerous ransomware threats. It’s a variant of the well-known CryptoMix ransomware, which frequently targets Windows users.
Hackers have been increasingly sending emails that instruct readers to install urgent Windows OS updates. The emails trick readers into installing the “latest” Windows updates, which are actually ransomware ‘.exe’ files in disguise. The ransomware contained in these emails is known as “Cyborg”. It encrypts all of your files and programs and demands a ransom payment to un-encrypt the files.
Zeus Gameover is part of the “Zeus” family of malware and viruses. This piece of malware is a Trojan — malware disguised as something legitimate — that accesses your sensitive bank account details and steals all of your funds.
Cybercriminals often use current news stories and global events to target people with malware.
One example is hackers using the wave of the COVID-19 (Coronavirus) outbreak to target individuals with malware. Hackers send out emails that are disguised as legitimate information about the outbreak. Readers are prompted to click a link to learn more about the information, but the link contains malware that copies the files on your device and steals your personal information.
As more tools become available to developers who want to program AI scripts and software, hackers will be able to use this same technology to carry out devastating cyberattacks.
Although cybersecurity companies are using artificial intelligence and machine learning algorithms to help combat malware, these technologies can also be exploited to hack devices and networks on a massive scale.
Cyberattacks require a lot of time and effort to create and launch so as AI and machine learning evolve, it’s likely that cybercriminals will find ways to use it and come up with more advanced and destructive AI-based malware.
I don’t know about you, but I work hard for the money my boss pays me every two weeks. After looking at all the taxes deducted to help others afford food, shelter, insurance and gaudy rims and tires, I definitely would like to steer clear of another moocher of my money.
Cal Bryant is the Editor of Roanoke-Chowan Publications. Contact him at [email protected] or 252-332-7207.
Cal Bryant, a 40-year veteran of the newspaper industry, serves as the Editor at Roanoke-Chowan Publications, publishers of the Roanoke-Chowan News-Herald, Gates County Index, and Front Porch Living magazine.