InfoGuard Cyber Security and Cyber Defence Blog

Mobile stalkerware on the rise: how to keep your devices secure? [PART 1]

Written by CSIRT | 15 Apr 2024

How well is your phone protected against malware and stalkerware? Given that half your life is stored in it, there is a question mark over whether the protection is sufficient. And for good reason – many humorously refer to it as their “second memory”. And although it is generally assumed that smart people protect themselves, few truly protect their smartphones wisely. Find out how to avoid invisible dangers from the web and why regular updates are important.

In the field of mobile cybersecurity, there is no way around addressing the dangers that threaten our little portable companions. Last year, Apple patched 20 zero-day vulnerabilities and expects this trend to rise significantly. This development means that we as users need to remain vigilant.

What are zero-day vulnerabilities and why are they dangerous?

Zero-day vulnerabilities are vulnerabilities in the software that the developer has not yet discovered and that attackers are targeting. Such vulnerabilities are insidious because they only come to light after a successful attack. It is simply too late for the victim of cybercrime if app manufacturers only develop updates once such events have occurred.

Zero-click exploits: invisible danger

Zero-click exploits are particularly dangerous because they succeed even without any interaction from the targeted user. The malicious code finds its way onto mobile devices unnoticed and is barely detectable.

Such vulnerabilities are a preferred target for espionage attacks against journalists, politicians and activists. Examples include Operation “Triangulation” and the well-known spyware systems “Pegasus” and “Predator”.

Apps that process messages or voice calls are also popular gateways because they receive data from untrusted sources. Even basic zero-click attacks leave little trace and are difficult to identify.

Malicious apps: hidden threats

Hidden threats often lurk in official app stores. Cybercriminals smuggle malicious apps into trusted stores and take advantage of the fact that users trust them almost unreservedly and hardly ever question the security of the downloaded apps.

The topic of app permissions also falls within the area of hidden threats. Most of us give apps access to our phones without hesitation, although it is worth considering which permissions are necessary, if any.

Some apps display hidden ads, others pretend to be an official app, while others still have security vulnerabilities and transmit malicious software such as malware or stalkerware.

Malicious apps can take various forms, posing a serious threat to smartphone security.

Here is a selection of the most common forms:

  • Adware is unwanted software that aims to flood your screen with advertising, especially within web browsers.
  • Ransomware is malware that encrypts files. Restoration is offered for a ransom. Ransomware can be as harmful on smartphones as it is on computers.
  • Trojans are malicious programs that disguise themselves as legitimate applications, but in reality have harmful intentions. They can steal confidential information or open backdoors for further attacks.
  • Spyware spies on your activities, collects personal information and transfers it to third parties, which can lead to identity theft and other security issues.
  • Keyloggers record keystrokes, including passwords and other confidential information, which attackers can use to gain unauthorised access.

Be vigilant: also critically review apps you download from official app stores and think carefully about what permissions are actually necessary.

Neglected updates and obsolete libraries

Regularly maintain apps and libraries on your smartphone. If you neglect to update the installed apps, you may be lulled into a false sense of security. Even applications and libraries that are functioning normally can open the door to attacks that have already been identified. This is particularly annoying in the event of an incident, as it could easily have been avoided with an update.

Conclusion

The security of your smartphone requires regular updates, critical thinking and attentiveness. Protect your so-called extended memory – your smartphone – from the invisible dangers of the digital world.

Use our four recommendations to protect your phone

Protect your phone and implement the four measures listed below on a regular basis – starting today:

  1. Use automatic updates: Make sure both the operating system and your apps are updated automatically. These updates often contain important security improvements.
  2. Create backups: Back up your important data regularly to external storage or the cloud. If your device is compromised, you can easily recover this data.
  3. Uninstall unused apps: Check your installed apps and remove any you no longer use. Also, disable system features that you don’t need. Remember to delete sensitive data when removing apps.
  4. Strong access protection: Use a strong password, code or pattern to secure access to your device. You can also use biometric unlocking methods such as fingerprint or facial recognition to avoid having to enter your secret code constantly on the screen, which can prevent unwanted interception.

For businesses, our Cyber Defence Center offers a compromise assessment for mobile devices. We do this by checking your business smartphones once or at regular intervals for the following security vulnerabilities:

  • Traces of past compromises
  • Current configuration for the necessary system hardening and security

We also provide you with appropriate measures to minimise the risks of a digital threat and prepare you as well as possible for an incident involving a compromised smartphone.

Are you interested in gaining a deeper insight into our security work? Then stay tuned, because the second part of this blog series is coming soon. Cyber-Defence specialists will be talking about working techniques, making security recommendations and presenting tools they use to keep our customers safe.
