Story image

Malicious cyber attack method resurfaces, targets mobile devices

13 Jan 2016

Palo Alto Networks has revealed details on an old cyber attack method that has resurfaced and is targeting mobile devices.

The renewed attack has been dubbed ‘BackStab’ and is used to steal private information from mobile device backup files stored on a victim’s computer.

“Cyber security teams must realise, just because an attack technique is well-known, that doesn’t mean it’s no longer a threat.

“While conducting our research into BackStab attacks, we gathered over 600 malware samples from 30 countries around the world that were used to conduct remote BackStab attacks,” says Ryan Olson, Palo Alto Networks director of threat intelligence at Unit 42.

A whitepaper from the company’s Unit 42 threat intelligence team explains how cyberattackers are using malware to remotely infiltrate computers and execute BackStab attacks in an unprecedented fashion.

Used to capture text messages, photos, geographic location data, and almost any other type of information stored on a mobile device in their possession, BackStab has been employed by law enforcement and cyberattackers alike, Palo Alto Networks says.

The company says BackStab attacks have evolved to leverage malware for remote access and Apple iOS devices have been a primary target for attacks, as the default settings in iTunes store unencrypted backup files in fixed locations and automatically sync devices when they are connected to a user’s computer.

Recommendations from Palo Alto Networks:

  • iOS users should encrypt their local backups or use the iCloud backup system and choose a secure password.
  • Users should upgrade iOS devices to the latest version, which creates encrypted backups by default.
  • When connecting an iOS device to an untrusted computer or charger via a USB cable, users should not click the “Trust” button when the dialogue box is displayed.
Cryptomining apps discovered on Microsoft’s app store
It is believed that the eight apps were likely developed by the same person or group.
A multi-cloud approach - what is in it for me?
OVH CEO Michel Paulin explains the benefits of a multi-cloud approach to an organisations digitalisation and what to consider before implementation.
IDC: Top 10 trends for Australia’s digital transformation
The CDO title is declining, 35% of us will be working with bots, the Net Promoter Score will be key to success, and more.
Why the IT service integration market is becoming highly automated
"The SIAM market is not large, but it is one of the fundamental pillars of every digital transformation strategy."
Intel and Rakuten partner to address 5G network gap
“We believe this full end-to-end virtualised network will help us to shift away from reliance on dedicated hardware and legacy infrastructure.”
Exclusive: How Australian businesses can foster customer loyalty with CX
From boardrooms to meeting rooms, there’s an overwhelming recognition of the importance of CX, particularly when it comes to building customer loyalty.
Spoofs, forgeries, and impersonations plague inboxes
It pays to double check any email that lands in your inbox, because phishing attacks are so advanced that they can now literally originate from a genuine sender’s account – but those emails are far from genuine.
HCL and IBM collaborate to encourage global hybrid cloud uptake
HCL announced a collaboration with IBM designed to help advance the hybrid cloud journeys of organisations worldwide.