Skip to main content
banner image
venafi logo

The Evolution of Mobile Malware: Digitally Signed Malware Creates an Illusion of Trust

The Evolution of Mobile Malware: Digitally Signed Malware Creates an Illusion of Trust

March 5, 2014 | Patriz Regalado

Because cyber-criminals always seem to find new ways to circumvent traditional security measures, the threat landscape is constantly changing. A McAfee Labs Threat Report in Q3 2013 revealed an alarming trend: the type of malware proliferating most rapidly is digitally signed malware on mobile devices. McAfee Labs also identified a new family of Android malware that is enabled by compromised certificates. This new malware already accounts for 24% of digitally signed malware.

Mobile Malware

Although it is not surprising that malware targeting mobile devices—particularly Android devices—is proliferating, the severity of the threat is alarming. The rapid increase of digitally signed mobile malware continues to call into question the validity of all the mobile digital certificates that are in use and begs the question of how enterprises and individuals can distinguish between legitimate and compromised mobile certificates.

One thing is for certain, mobile malware attacks that are exploiting poorly secured cryptographic keys and certificates on mobile devices will continue to increase. Digitally signed malware is on it’s way to triple-digit growth, and by the end of 2014, it won’t be surprising to find almost all mobile malware attacks using digital certificates. But what’s even scarier is that most organizations today don’t have a mechanism in place to detect compromised mobile certificates. The traditional security controls and solutions they are using do not detect such attacks. Consequently, mobile certificates will continue to be a perfect target for cyber-criminals and pose a huge risk to organizations.

Cyber-criminals have learned that the quickest and easiest way to inject malware that resides undetected on mobile devices for months or even years is by signing the malware with compromised or stolen digital certificates. This digitally signed mobile malware can operate undetected by most organization’s whitelisting security controls. Cyber-criminals then become trusted users on mobile devices, evading traditional security controls and gaining undetected access to network resources.

Why is it so easy? Most organizations cannot detect or respond to anomalous certificates that authenticate systems and users on mobile devices, applications, and networks. Exploiting digital certificates is, therefore, the perfect attack. For example, certificates are used to verify the identity of an application’s owner. If cyber-criminals can obtain one of these digital certificates, their malware can circumvent any traditional security provisions. Because organizations do not protect their digital certificates from such attacks, users have a false sense of security, relying on an illusion of trust. Attacks that inject mobile devices with malware to gain access to corporate networks and steal corporate data take advantage of the broken trust caused by unsecured and exposed certificates and keys.

Many organizations invest significant resources into detecting and remediating mobile malware but ignore the more dangerous and underlying threat of weak and unsecured mobile certificates. Maybe they make this mistake because mobile certificate security is overshadowed by the focus placed on mobile malware itself. Whatever the reason, organizations continue to focus on mobile malware rather than examining the factors that erode trust and reducing their risk by implementing better mobile certificate security practices.

Although it is critical to address mobile malware, it is equally important to identify how attackers are exploiting broken trust to infiltrate systems and steal sensitive corporate data. I have seen too many instances where organizations place themselves at massive risk of attack because improperly secured certificates have opened doors to mobile malware.

Like this blog? We think you will love this.
man putting his hand in the middle of a row of falling dominos to prevent the other half from falling
Featured Blog

5 Ways to Prevent Unauthorized Access of Misused Mobile Certificates

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Patriz Regalado
Patriz Regalado
Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud

Venafi Cloud manages and protects certificates

* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
* Please fill in this field
* Please fill in this field
* Please fill in this field

End User License Agreement needs to be viewed and accepted

Already have an account? Login Here

get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more