The most dangerous iOS, Android malware and smartphone vulnerabilities of 2019
The iOS, Android security landscape in 2019
Our mobile devices, now glued to our hips, are also conduits for cyberattacks through Internet connections, applications, and communication protocols.
Over the course of 2019, we've seen the variety of attacks and vulnerabilities impacting our iOS and Android smartphones escalate. Here are some of the most noteworthy cases.
Wi-Fi firmware issues
To kick off 2019, researchers from Embedi uncovered a vulnerability in Marvell Avastar 88W8897, deployed in products including Samsung Galaxy J1 smartphones, Microsoft Surface laptops, and gaming consoles.
If exploited, the bug could be used to trigger malicious code without user interaction.
Apple's FaceTime flaw
A teenage Fortnite player stumbled across an iOS bug in FaceTime which allowed him to snoop on the person he was calling -- without their interaction or knowledge. It took countless calls and emails before Apple took the vulnerability report seriously.
Fake Google reCAPTCHAs
A phishing campaign spotted by Sucuri in February involved the use of fake Google reCAPTCHA systems to drop malware, including a malicious Android APK containing the Banker financial Trojan, on mobile devices.
Samsung facial recognition failures
In March, the Samsung Galaxy 10 was shown to be fooled by nothing more than a video. If a user locked their phone via facial recognition, displaying a video of the owner was enough to dupe the technology into providing access to the smartphone.
In July, Google Project Zero disclosed a security flaw in iOS 12.3. If a malformed message was sent to iMessage, this could lead to the device crashing repeatedly and eventually bricking.
In July, a weakness in the Bluetooth communication protocol was made public that impacts Windows 10, iOS, and macOS machines, including iPhones, iPads, Apple Watch, MacBooks, and Microsoft tablets and laptops.
The MAC-address exploit could be used to track mobile device users, although Android handsets are not vulnerable.
App history at risk
An interesting case emerged this year involving Monokle, spyware designed for Android handsets. The Remote Access Trojan exploits accessibility services to run keyloggers, expose app history, steal photos and videos, track victims via GPS, and more.
Interactionless iOS attacks
A Google researcher reported the existence of six dangerous vulnerabilities impacting iOS in July. Four of the six security flaws allowed "interactionless" attacks on mobile devices and the remote execution of malicious code.
A new ransomware strain dubbed Filecoder was found in July and, while it appears to be unfinished, it has revealed some dangerous capabilities. The malware is disguised as a pornographic app and, once it lands on your handset, it will attempt to encrypt files -- based on a list from WannaCry -- and demand up to $200 for decryption.
In September, researchers found a host of malicious apps that managed to avoid Google Play security barriers. A total of 24 apps were downloaded close to half a million times and, once installed on a victim's device, would plant the Joker malware, which is able to steal data and generate fraudulent profit through malvertising.
A new strain of Android malware called xHelper, which has infected tens of thousands of devices, makes its operators money through pay-per-install schemes and malvertising. What makes this malware different, however, is its high level of persistence, which means that the malware will keep re-installing itself -- even after factory resets.
Ad blocker advertising
FakeAdsBlock is an interesting form of Android malware which is being spread as an ad blocker for mobile devices. However, once installed, the app bombards users with ads to generate revenue for its operators.
Locked phones still spy on you
In November, security flaws in Android were publicly disclosed that left millions of devices vulnerable to attack. The bugs could be used to compromise Google and Samsung handsets for covert spying, as well as to take images and videos without user knowledge -- whether or not the device was locked.