Cryptocurrencies are good news for bad guys. That’s a key finding of a new report on mobile threats from the first quarter of 2018. In another major finding, nation-state threat actors seem here to stay, and they have a growing love for mobile platforms. The Mobile Threat Landscape Q1 2018 Report, sponsored by RiskIQ, analyzed 120 mobile app stores and billions of daily scanned resources for its data.

And in spite of headlines, the overall news is promising, with a reduction in the total number of malicious apps found. According to the report, malicious blacklisted apps are increasingly masquerading as cryptocurrency wallets, exchanges, or generic cryptocurrency applications.

Once installed, these malicious apps will either begin working to steal legitimate cryptocoins from wallets, or begin mining cryptocurrency, frequently the highly anonymous Monero, using the device’s compute resources. The research also found that the vast majority — 86% — of malicious apps share the READ_SMS permission, which allows the app to read messages and can be used for functions like side-stepping two-factor authentication.

Other commonly shared permissions include access to cameras, microphones, and location information. Read more from darkreading.com…

thumbnail courtesy of darkreading.com