The digital revolution has caused businesses to venture outside the safety of corporate perimeters into the expanses of the open internet where they can make more frequent and more meaningful touchpoints with employees, prospects, and customers. Unfortunately, this also makes them a target for a new breed of attackers that level internet-scale threats at their digital attack surface, a varied collection of client-facing assets outside the firewall that hackers can and will discover as they research their next threat campaigns.
A significant portion of this digital attack surface is the mobile channel.
To highlight the mobile threat landscape in the third quarter of 2018, RiskIQ applied its crawling platform, which monitors 300+ mobile app stores around the world, and leveraged its daily scans of nearly 2 billion resources to look for mobile apps in the wild.
Q3 showed a nearly 220 percent increase in blacklisted apps over Q2—apps matching against at least one blacklist such as VirusTotal, which, per its website, inspects files or web pages with over 70 antivirus products and other tools. A blacklist hit from VirusTotal shows that at least one vendor has flagged the file as suspicious or malicious. However, due to a surge in total apps observed, the percentage of blacklisted apps dropped from 4% in Q2 to 3% in Q3.
Fig. 1: Q3 saw a spike in blacklisted mobile apps
With a proactive, store-first scanning mentality, RiskIQ observes and categorizes the threat landscape as a user would see it. Every app we encounter is downloaded, analyzed, and stored. RiskIQ also records changes and new versions of apps as they evolve. In this report, we’ll give an overview of these mobile threats, as well as emerging trends we anticipate will be prevalent in the future, to help you protect yourself and your customers.
Download RiskIQ’s Q3 Mobile Landscape Report for key mobile threat insights including;
RiskIQ automatically runs all mobile applications encountered through a variety of blacklists, including VirusTotal. We differ from other monitoring systems that rely on end users employing their virus scanning tools and/or manual sample submissions. RiskIQ provides discovery across all major app stores as well as more than 150 others, including focused coverage of high-risk stores and regions for brand impersonation, malware, and fraud.
In addition to comprehensive coverage of third-party app stores worldwide, RiskIQ incorporates a unique source of “feral app” binaries: mobile apps collected outside of dedicated mobile app stores, for example via drive-by download.