More than 143 million malware targeted consumer smart-devices in the second quarter of 2020, mainly in the form of coronavirus-themed attacks, a new report said on Tuesday.
Among the top scams that were reported during the April-June period were free Netflix subscriptions and fraud PM CARE Fund apps. The month of June clocked the highest detections of Windows malware with 1.5 million daily detections due to the opening up of businesses under the unlock phase.
According to researchers at cybersecurity firm Quick Heal, attackers are still using COVID-19 as bait to drop malicious payloads to consumer devices, usually in the form of phishing emails that contain infected attachments.
"In the same category, ‘Trickbot' proved to be an active distributor for multiple malware through phishing emails," Quick Heal's ‘Quarterly Threat Report' revealed.
The report also indicated the emergence of new SMB exploits that allow attackers to take charge of the victim's machine or crash any system in the network. Malware clocked 38 per cent of the total Android detections in Q2.
"Android.Bruad.A" topped the list of top 10 Android malware with 32 per cent detections.
The researchers found various malicious applications that looked 100 per cent authentic and infected consumer mobile phones by injecting malicious information. Among these apps, the fake ‘Aarogya Setu' app took the lead with more and more people downloading it to gain awareness around Covid-19 cases and info.
In the banking domain, "Eventbot" appeared to be a dangerous mobile Trojan that hacks into phones' in-built accessibility and steals data by reading into SMSs, banking PINs, etc.
"Interestingly, this trojan bypasses even the two-factor authentication process that most banking apps offer to ensure security," said the report.
Maximum malware detection was done using Network Security Scan, an in-house feature of Quick Heal that identifies cyberattacks and stops the malicious payloads from entering consumer devices.