November 7, 2012

Avoiding Android's Malware Influx

Stacey Garcia

Attackers setting their sights on Android users seem to have upped their game over the last few weeks. Reports have shown a flurry of new attacks and vulnerabilities that have turned that cute little green robot into a proverbial punching bag.

Here's some of the blow-by-blow coverage of the carnage:

  • The Internet Crime Complaint Center (IC3) recently reported that crooks are tricking users with phony work-at-home lures into clicking links to pages that secretly download malware called Loozfon onto their devices. The app pilfers address book information and sends the attacker the infected device's phone number.
  • IC3 warned in the same advisory about spyware called FinFisher that can be inadvertently downloaded by visiting an infected site or by opening a text message made to look like a system update. FinFisher gives attackers anytime, anyplace remote control of the device.
  • A researcher with the North Carolina State University computer science department recently produced a proof-of-concept app that takes advantage of a vulnerability in the Android Open Source Project that would give an attacker the ability to send SMS messages from an infected phone without user permission. The vulnerability exists on all recent Android platforms.
  • Researchers with Leibniz University of Hanover in Germany released a study that showed how even legitimate apps in the Google Play marketplace can be a threat. The researchers showed that a number of these apps leaked sensitive information to man-in-the-middle attacks through improper use of the SSL and TLS security protocols.

The IC3 advisory offered more details about FinFisher and Loozfon, but more importantly the experts among them offered some choice advice for users to bolster security and fight back threats to their mobile security. Among the most important pieces of information, IC3 suggests:

  • Getting familiar with all your device's settings and turning off features you don't use so they aren't used against you.
  • Abstaining from jailbreaking the phone, which completely destroys any of the default security settings on the phone and consequently is an install state which many malware author's seek out for device targets.
  • Keeping current on software updates.
  • Avoiding risky links the same way you'd avoid them on your PC.

As enterprises, small businesses and consumers all deal with the influx of malware into the mobile space, each must do their part to protect themselves. For many businesses, that will also involve adding critical mobile security to their technology arsenal. But technology can't be deployed in a vacuum. Increased awareness and adherence to best practices like those identified in our free mobile acceptable use policy kit can increase your organization's likelihood of walking away without becoming a victim.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.