Europol: many mobile malware as advanced as PC malware
Europol writes in its report entitled ‘Internet Organized Crime Threat Assessment’ that much malware for mobile devices is now just as advanced as PC malware. This form of malicious software is said to be popping up more and more in investigations.
The organization further writes that malware for smartphones has been identified in previous reports, but was always seen as a ‘future threat’. Although the number of European cases involving mobile malware is still fairly low, it appears that this malicious software will play an increasing role in the field of reports and subsequent investigations. The type of malware also changes over time.
For example, on telephones it was traditionally aimed at the misuse of services that offer so-called ‘premium’ payment services. However, due to the increasing capabilities of devices, there are now also variants that correspond to PC malware. These include, in addition to drive-by downloads, for example, ransomware, remote access trojans, and banking malware. The so-called police ransomware, in which a user is shown a fake warning from an investigation service, is still active on iOS and Android. However, this variant would hardly appear on the PC anymore. However, the fact that some of these apps require payment in the form of gift cards would seriously undermine credibility.
In the report, Europol pays attention to various developments in the field of internet crime in the past year. The organization also discusses the ever-increasing popularity of ransomware. The organization predicts that even ‘smart’ devices could soon be confronted with this form of malware. These devices can also be used to carry out DDOs attacks as part of a botnet. This has already emerged in recent weeks with several major attacks by Internet-of-things devices.
The subject of encryption is also covered in the report, although Europol does not provide any new information in this area. For example, the introduction of encryption by an increasing number of communication services would constitute a barrier to conducting research. The organization emphasizes that a solution to this problem must be found that does not weaken encryption, but does not provide concrete examples of this.
In an appendix to the report, Europol discusses the threat posed by quantum computers. It is expected that criminals will have access to such systems within ten to fifteen years. Europol therefore recommends investigating ways of encryption that are less vulnerable to attacks by quantum computers. This would already be carried out by the American NIST and the European Union has also made a subsidy available for such studies.