State-sponsored attackers take to mobile malware

State and state-sponsored APT groups are increasingly incorporating mobile malware into their surveillance and espionage campaigns, according to new research from BlackBerry’s Cylance.

The antivirus software company has published a new report finding that several governments have been exploiting the mobile threat landscape for a decade or more.

Low threat detection rates and a false sense of security have made mobile users an easy target for malware attacks, and the limited availability of security solutions intended to block mobile malware has allowed APT groups to exploit a mobile dimension for espionage campaigns with impunity, the report states.

Such groups include known state or state-sponsored APT groups acting in the interests of the Chinese, Vietnamese, North Korean, and Iranian governments, which have demonstrated the capability to develop native Android and/or iOS mobile malware.

Most observed government mobile espionage efforts were based around campaigns to spy on targets of interest for political purposes, but some groups are showing an indication of pivoting to traditional foreign intelligence and economic espionage targets.

The report details previously unidentified campaigns by both new and previously observed threat actors, including one targeting a range of Western and South Asian telecommunications companies and nearly every chemical manufacturing company in the world outside of China.

Coinciding with the research, BlackBerry has launched its new CylancePROTECT solution for mobile devices managed by the BlackBerry Unified Endpoint Management suite.

The new solution uses Cyclance’s AI-powered security technology to provide advanced mobile endpoint detection to prevent, detect and remediate cyber attacks.

Image credit: ©stock.adobe.com/au/Gorodenkoff