As the world of internet of things (IoT) grows, the number of attacks through the cyber space will continue to grow as well. Recently, with the massive worldwide spread of the ransomware, WannaCry, the threat is becoming more sophisticated and complex, as criminals find innovative ways to launch attacks. One such way is through the use of Artificial Intelligence (AI). Although, AI has a great possibility of making considerable strides in cybersecurity, it has the potential of being manipulated. As AI technology becomes smarter, it is only a matter of time until cyber criminals use it in their advantage.
Android Malware is on the rise, say researchers at G Data Security. A new report by the security firm revealed that in the first of 2017, over 750, 000 new malware apps were discovered. Android holds a 72 percent share of the mobile market and so it is reasonable that more attacks would happen on this platform. The number of malware samples cropping up each day are nonetheless staggering and there's no sign the problem will be corrected anytime soon. Since 2012, new Android malware samples have increased each year with the greatest hikes occurring over the last year.
The Microsoft Windows BITS feature is being used to deliver and reinfect systems with malware even after an infection has been removed, researchers say. The Windows Background Intelligent Transfer Service (BITS) is a utility used to transfer data between clients and servers. The facility can control client file downloads, server uploads and communication between servers and server applications while transfers are taking place. According to Dell SecureWork's Counter Threat Unit (CTU) research team, this utility, albeit useful for a variety of applications -- including Windows Updates -- is being exploited by cyberattackers to download malware and re-infect users after malicious code has been wiped from a system. In a blog post, the security team said a lesser-known capability of the BITS system is now being taken advantage of.
Google has done a lot to thwart Android malware in recent months, but it's apparent there's still some work to do. Symantec recently discovered seven previously removed rogue apps that resurfaced on Google Play simply by using a new publisher and new app names. The titles masqueraded as productivity apps and would even use official Google imagery to hide their origins, but would push ads and scam websites if they were allowed to stay for four hours. It's not clear how the apps slipped through, but Google has since taken them down. We've asked the company for comment.
A version of the Bashlite IoT malware has received an update over the past few weeks that allows it to target Belkin WeMo home automation switches. Further, as part of this update, the malware can now open backdoors and run commands on infected devices, deploy a cryptocurrency mining module, can detect and remove competing IoT malware, and has also expanded the types of DDoS attacks it can launch from infected devices. "While we have not seen significant detections for these versions of Bashlite, it's worth noting that it's already in the wild," cyber-security firm Trend Micro said in a report today. The company's experts believe the person who modified recent versions of the Bashlite malware to improve it with new functionality is using a module for the Metasploit penetration testing framework to infect smart devices via the Belkin WeMo UPnP SDK. This includes Belkin WeMo home automation switches, but also routers, smart lightbulbs, electrical plugs, light switches, motion sensors, surveillance cameras, and other devices that support this SDK.