As consumers get to grips with the new and second-hand Android smartphones and tablets they were gifted over the holiday season, many of them risk downloading malicious mobile apps without realizing it.
RiskIQ discovered that 4% of the apps containing the same title as the 20 most popular apps of 2018 are blacklisted, i.e., have been flagged by one or more security vendors as containing malware or nuisance-ware such as unwanted ad servers. While many appear to be complementary to the official apps, there is a risk of downloading a malicious imposter in a rush to build out an app portfolio, of which we’ve already found multiple instances in our research into the most frequented e-commerce sites on Black Friday weekend.
This time, we analyzed over 18 million apps across 168 app stores and found that out of the 140,876 Android apps containing the 20 most popular app names in the title, only 9% (13,979) were from the official developers. Shockingly, 4% (6,101) were blacklisted. While 94% of the blacklisted apps were found on secondary Android app stores (an average of 17 different stores per title), 6% (348) were hosted on the Google Play store.
Whether receiving a new mobile device for the holidays or a hand-me-down from someone else getting a new device, users should exercise caution when downloading apps. They should stick to official app stores where possible but be aware that malicious apps can lurk there too. Here are three simple tips to follow before downloading any app.
1. Look at the developer name – does it look legitimate? If unsure, research it before proceeding.
2. Look at the number of downloads if available as well as any posted reviews.
3. Look at the permissions the app is requesting during installation. Do they look reasonable for the tasks the app needs to perform? If in doubt, don’t proceed.
With an astonishingly small portion of apps entirely under the control of their lawful owners, the dangers can be enormous. First, unmonitored, uncontrolled apps may enable intentional or unintentional data leakage. If another person or entity has power over the app, they may be able to access confidential data that could provide other retailers or product manufacturers with a competitive advantage. Alternatively, it may result in fraud, particularly if the app facilitates in-store or remote payment.
Second, a broken app may interfere with an in-person shopping experience, drawing consumers to other retailers by presenting a more compelling offer. In effect, the shopper has been hijacked.
Third, updates and fixes to the app may not occur because the registration or download details never transmit to the business. At some point, this may mean that the app stops working correctly, causing sluggish computer performance or other problems and otherwise reflecting poorly on the brand-conscious retailer. The app also could become the means for a cyberattacker to compromise a user’s device and conduct a data breach, or worse.
A large portion of apps sourced from unofficial app stores contain malware or links to malicious sites. It is possible that an app bearing the brand and name of a reputable organization becomes an instrument for cybercrime. Fingers will point back to that organization, and a large-scale crisis could ensue.
Despite any risks, known or unknown, it is unlikely that smart businesses would drop their mobile app strategy, nor should they. Instead, it is crucial that retailers monitor and police the distribution and use of their apps. Such awareness requires a comprehensive, real-time service that can distinguish the use of your brand and identify your apps. This technology can be integrated with existing security operations or used by those responsible for the organization’s brand. The same service or technology that performs mobile app monitoring may also be able to police your company’s overall digital brand.
This visibility into your mobile footprint should help prevent unwanted surprises. Happy Holidays.