Podec Trojan Marks Spike in Malware Distribution via Mobile Apps, Social Media



The unveiling of the Podec Trojan by Kaspersky once again demonstrates the risks involved with downloading mobile applications from untrusted or unofficial app stores.

One of the most interesting aspects here is that the main delivery mechanism for the Trojan appears to be cracked versions of popular mobile games. While this type of delivery method has been used before in traditional PC attacks, its use in a mobile environment shows the increasing importance of this platform as a target for extorting money from users.

The growing use of social media to entice victims is also a key concern here. Social media is one of the primary channels many mobile app developers use to advertise their latest products in a quick, convenient and cost effective way. Add to this the fact that many social media users have a false sense of security about what they are seeing and who it is coming from. This combination of factors means users may let their guard down or be more likely to click on links they otherwise wouldn’t, opening up the doors to malicious threats like Podec.

The key lessons to learn from this discovery are:

  1. Never install any app that come from non-trusted sources. For corporations, this means enforcing policies that block users from installing applications from non-approved sites.
  2. Always be wary of information shared through social media, especially if its origins or the original sharer is not someone in your immediate contacts list.

There is also a growing responsibility amongst social media platforms, phone manufacturers and even mobile operators to monitor more closely for these new types of threat and protect users by detecting and blocking them before they have the chance to infect mobile devices.

Thomas Fischer

Advanced Threat Protection - Building a Kill Chain Defense

Detect and stop targeted attacks with a data-centric approach that protects sensitive data regardless of the source of attack.

Download now

Related Articles
US Government Outing North Korean Cyberespionage

The Federal Bureau of Investigation and the Department of Homeland Security on Tuesday released an alert detailing two kinds of malware used by Hidden Cobra, the codename the U.S. has given to the North Korean government's cyberattacks.

Friday Five: 7/5 Edition

Cracking a five year Facebook malware campaign, this week's CDN outage, and an app fined for leaking users' photos - catch up on the week's news with this recap!

Europol Arrests Suspect Behind Carbanak, $1.2 Billion Heist

The leader of the cybercrime gang, which targeted financial transfers dating back to 2013, was recently arrested in Spain.

Thomas Fischer

Thomas Fischer is global security advocate at Digital Guardian, based out of our EMEA headquarters in London. In addition to his role at Digital Guardian, Thomas is director of the BSides London conference.

Please post your comments here