Avira , the well-known solution manufacturer antivirus, published its report on the status of threats that characterized the 2020. A year that, as we have already specified in other articles on Edge9, has seen the intensification of cyber attacks. The reasons are mainly two: on the one hand the powerful use of smart working , often implemented quickly to ensure business continuity, which has taken employees outside the company perimeter, making them more vulnerable. On the other, the psychosis related to Covid, which attackers exploited to spread malware through phishing or other means.

Hackers target checking accounts: Android banking trojans increased by 35%

Cybercriminals during the pandemic targeted especially bank accounts, especially on Android: Avira’s sensors recorded an increase of 35% of this type of threats. Among the most widespread, the antivirus manufacturer indicates Cerberus , which is spread through phishing campaigns centered around the word “Corona” which invite users to download an apk containing the trojan, apk which in many cases is named Corona-Apps.apk . Another popular banking malware last year was Wroba , which steals credit card credentials ” disguised as “Chrome.”

Beware of stalkerware: according to Avira they will be more and more widespread in the 2021

You don’t hear about stalkerware , a category of cyber threats that effectively falls into the spyware category. The difference is that the latter are real viruses spread through classic methods, such as phishing, while stalkerware are “legitimate” applications, sometimes available in official stores: an example are apps to keep children under control, geolocating them. However, these applications are very often used for purposes other than those for which they are designed, installed for example on partners’ devices without their knowledge to spy on them, record calls, track the location and even capture photos and videos. These are applications that are in some cases very sophisticated, able to disguise themselves in the midst of other processes to appear legitimate and capable of blocking antivirus, thus preventing their uninstallation.

As Avira explains on her blog, since last summer Google Play removed these types of applications from the Play Store but some remained. An example is the AllTracker Family app. Parental Control . If it is still available on the store despite the ban it is probably due to the fact that this specific app always sends a notification to the phone user before sending data to the “spy” (parents are supposed, in the case of legal uses) , but Avira researchers have noted that disabling Android notifications is enough to bypass this form of “protection”. Not only that: by activating the Pro version it is possible to disable any type of notification of the app, which prompted Avira to recognize it as malware (PUA / Stalk.Catwatch.spy ) this application.

Avira also pointed out how many of these apps removed from the official store however, they are easily accessible through alternative shops, and therefore available to anyone.

The threats that will characterize the 2021 according to Avira