Welcome to this week’s security review, which includes detailed commentary and analysis on porn clicker trojans at Google Play, digital childhoods and the industrialization of cybercrime.
Porn clicker trojans at Google Play
At the time of writing, ESET has found 343 malicious porn clicker trojans on Google Play, which it describes as one the largest malware campaigns on the app store. An analysis by malware researcher Lukáš Štefanko revealed that many Android devices have been infected. He later noted in an interview with We Live Security that despite the commendable efforts by Google’s security team, the malware’s authors are proving to be hard to combat. His colleague, the security evangelist Peter Stancik, added that “the creators of these trojans ride the wave of interest in popular applications, notably in games”.
Digital childhoods and internet-savvy countries
Security evangelist Ondrej Kubovič reported on what parents in the UK, US, Germany and Russia think is the most appropriate age to introduce ‘digital activities to their children’. Surveys carried out by ESET found that Russian parents tend to be stricter with their children under the age of five, while moms and dads in the other sampled countries were found to be far more relaxed. His analysis of the results also revealed consensus – all four countries agreed that children have access to technology and the internet far too early.
Linux Mint site hacked, users unwittingly download backdoored operating system
Independent security analyst Graham Cluley drew attention to a compromised version of the Linux Mint operating system, which is “playing host to a Linux ELF trojan called Tsunami”. This, he elaborated, has the ability to launch distributed denial-of-service (DDoS) attacks, as well as steal files from your computer. He said: “If I were a user who might have had their personal information exposed, or their computer compromised, I wouldn’t be wasting any time taking action to ensure that any damage was limited.”
The industrialization of cybercrime may be upon us
The “industrialization” of cybercrime is now a very real thing, claimed Dr. Adrian Nish, head of cyber threat intelligence at BAE Systems. He explained that the criminal activity is becoming increasingly “professionalized”. The Telegraph, which quoted him, also reported that the multinational defence, security and aerospace company has to constantly fight cyberattacks on a weekly basis, highlighting how serious a problem it has become. One of the ways around this is to understand what motivates cybercriminals, said his colleague, Kevin Taylor, head of applied intelligence at BAE Systems.
Privacy and security ‘war’ must come to an end
Government officials and cybersecurity experts have joined forces to help settle the ongoing and deeply divisive privacy/security debate. The Digital Equilibrium Project has been set up to help “foster a new, productive dialogue on balancing security and privacy in the connected world”. Art Coviello, former executive chairman of RSA and organizer of the Digital Equilibrium Project, said that the “standoff between Apple and the US government is a symptom of a larger issue”, explaining that laws, policies and “social constructs” need to catch up with the pace of technological change.