Mobile devices are becoming the new target for attackers, now accounting for 57% of all internet-connected devices .
According to a study by Check Point , attacks on mobile devices oman phone number data generate more money than those carried out on other devices (computers, servers, etc.). These threats mainly attack mobile devices through malicious apps.
What can you take into account to avoid installing a malicious app on your mobile phone?
When you install an app on your phone, it asks you to grant it certain permissions. Many times these are not justified, for example, if you are installing an app for flashlight purposes and it asks you for access permissions to your camera or contacts, it is suspicious to say the least.
Also keep in mind that if your device has administrator permissions, that is, rooted, you will be able to install apps from unofficial stores that, therefore, have not passed the market filter.
In addition, on Android you can install apps downloaded directly to your phone or SD card using the “Unknown sources” option without being rooted, so you should make sure that you are going to install what you really want.
What threats are your mobile exposed to through malicious apps?
Ransomware: These programs access the mobile phone through the aforementioned malicious apps. They work by encrypting the files so that the user cannot access them and in exchange they are asked to pay a ransom.
Adware: These are applications that covertly make false clicks on advertisements without the users' consent, so that attackers can obtain profit. This happens when, for example, the user is playing a game and when clicking on the screen, they are covertly clicking on an advertisement.
Trojans: These are seemingly legitimate and harmless apps, but when run they give attackers remote access to the infected phone. In other words, they provide attackers with a backdoor to the device, allowing them to execute malicious code and infect it.
Keyloggers: These programs camouflage themselves in apps and keep a record of the keys pressed on the device screen. They obtain all kinds of information, such as conversations or user names and passwords for services accessed from the mobile.
Banking Trojans: These are a mix of the two previous ones (Trojans and keyloggers) and are presented through an app that appears to be similar to a bank, but is not one. With these apps, attackers steal information related to your bank accounts.
APT (Advanced Persistent Threat): This is a type of attack that is characterized by the sophisticated combination of several vulnerabilities and attacks at the same time to achieve its objectives. For example, attackers use fake profiles on social networks to trick their victims through social engineering, chat with them and tell them to install fake messaging apps with which they infect the mobile with a Trojan or ransomware. They can also use the information obtained through the permissions granted to the app to extort the victim or sell it to third parties without the user's knowledge.
