Mobile banking apps a risk for security
Alongside macro and fileless malware, mobile banking poses the biggest risk in 2016


McAfee Labs has revealed the biggest threats to security this year and into next, claiming mobile banking apps, macro and fileless malware are most prevalent.
The company released the information in its newly-released November 2015 Threats Report, which identified the biggest threats to security in the third quarter of 2015.
"The cyber threat landscape often combines something old, something new, something blundered, and something you'," Vincent Weafer, vice president of Intel Security's McAfee Labs, said in a blog post. "The third quarter provides examples of old threats repackaged with social engineering, new fileless malware replacing rootkits, mobile app coding blunders, and the exploit of the weakest link in any ecosystem: you the user."
Researchers at the lab explored mobile threats, saying poor mobile app practices, such as disregarding back-end service provider guidance, means user data is exposed to services in the cloud. Mobile banking apps are particularly targeted here, which is even more concerning considering the sensitivity of the data such apps generate.
"A two-month analysis of nearly 300,000 mobile apps led McAfee Labs to the discovery of two mobile banking Trojans responsible for taking advantage of thousands of mobile banking accounts across Eastern Europe," Weafer explained.
"Known to the industry as 'Android/OpFake' and 'Android/Marry', the two malware strains were designed to take advantage of poor mobile app coding connecting mobile apps to back-end service providers managing app data."
McAfee's report also revealed macro malware has reached a six-year high, with incidents increasing four-fold in comparison to last year. The reason such threats have risen is because spearphishing campaigns are becoming more sophisticated, targeting enterprise users and encouraging them to download attachments containing such vulnerabilities.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Fileless malware should be a priority for IT managers to tackle. McAfee Labs said it captured 74,471 samples of fileless attacks in the first three quarters of 2015
Additional threats exposed in McAfee's report relate to mobile malware, which increase by 16 per cent over the last quarter, Mac OS malware, which quadrupled over the period and ransomware, which grew 18 per cent.
The good news is that rootkit-related attacks waned in popularity, dropping 65 per cent, while malicious signed binaries also declined.

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.
-
OpenAI is teaming up with Nscale and Aker to build Europe's first AI gigafactory
News Stargate Norway aims to have 100,000 Nvidia processors up and running by the end of next year
-
Nearly half of enterprises aren't prepared for quantum cybersecurity threats
News Most businesses haven't even started transitioning to post-quantum cryptography, research shows
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employees
News The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Hackers breached a 158 year old company by guessing an employee password – experts say it’s a ‘pertinent reminder’ of the devastating impact of cyber crime
News A Panorama documentary exposed hackers' techniques and talked to the teams trying to tackle them
-
The ransomware boom shows no signs of letting up – and these groups are causing the most chaos
News Thousands of ransomware cases have already been posted on the dark web this year
-
Everything we know about the Ingram Micro cyber attack so far
News A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making