With our increasing reliance on smartphones for communication, work, and entertainment, mobile devices have become lucrative targets for cybercriminals. In 2022, mobile threats have continued to multiply, illustrating not only the dangers and impact of mobile threats but also the vulnerabilities of mobile device and app safeguards.
Here are 5 mobile threats that made headlines in 2022.
No stranger to the news in recent years, Pegasus spyware continued to make waves in 2022. Designed to collect sensitive data from cell phones and other devices, what makes Pegasus particularly dangerous is its ability to be installed remotely without any accidental installation or activation by the victim. For example, simply opening an iMessage for iPhone users can trigger the spyware.
Once a phone is infected with Pegasus, it gains access to messages, emails, calls, passwords, and location information. It can also secretly turn on a phone's microphone and cameras to create new recordings.
Notable Headlines:
QBot is an information stealer with backdoor and self-spreading capabilities that was first discovered in 2006. It is often used as the initial infection vector in malicious attacks and to this day, is one of the leading Banking Trojans globally. In the fall of 2022, cybercriminals utilized the malware to exploit a zero-day vulnerability infecting more than 1,800 users in just over a week, with corporate users accounting for almost half of the victims.
Notable Headlines:
Hydra is a banking trojan that targets Android devices. First discovered in 2019, Hydra is distributed via phishing messages, websites, and malicious applications in the Google store. It tricks users into enabling dangerous permissions on their mobile devices in order to steal financial credentials.
In October 2022, Hydra was the second most common mobile malware.
Notable Headlines:
The Godfather is a banking trojan that spreads through phishing emails or is downloaded in conjunction with other programs. Once installed, the malware generates fake login screens overlaid on top of banking and crypto exchange apps, recording login credentials, credit card numbers, and other private information. First detected in 2021, the Godfather had targeted more than 400 financial applications by October 2022.
Notable Headlines:
Joker is spyware that is hidden in apps on the Google Play store. Once installed, the Joker collects SMS messages, contact lists, and information from the infected device. This allows it to subscribe unsuspecting users to premium services without their approval.
By June 2022, Joker was found in over 50 Android applications which had received more than 300,000 downloads.
Notable Headlines:
For more mobile attacks that made the headlines in 2022, check out our partner Zimperium’s 2023 Global Mobile Threat Report.