Browsing Category: Mobile Security

Categories: Malware, Mobile Security

A new report from Trend Micro showed a 483 percent jump in malware — including “aggressive adware” that harvests person data without permission using legitimate ad networks.It’s no surprise that the open nature of the Android platform makes it a magnet for malware, but the type of malware becoming more prevalent illustrates the blurring lines between legitimate apps that gather data for company use and those that violate users’ privacy.

Read more...

Categories: Mobile Security

There are thousands of apps in the Google Play mobile market that contain serious mistakes in the way that SSL/TLS is implemented, leaving them vulnerable to man-in-the-middle attacks that could compromise sensitive user data such as banking credentials, credit card numbers and other information. Researchers from a pair of German universities conducted a detailed analysis of thousands of Android apps and found that better than 15 percent of those apps had weak or bad SSL implementations.

Read more...

Categories: Mobile Security

Veracode have put out another snazzy infographic, this time to help illustrate the mobile computing boom of the last few years. To accompany the BYOD (Bring Your Own Device) policy that’s becoming commonplace in offices around the world, the web security firm uses two characters, Joe Worker and Joe IT to help break down a slew of stats, including details on the rising cost of mobile phone breaches, the dramatic jump in device adoption and 10 tips to protect smartphones and tablets.

Read more...

Categories: Mobile Security

Malware intent on SMS fraud, also known as toll fraud, has been a constant on mobile platforms, Android in particular, for some time. And FakeInst is definitely king of the hill when it comes to this type of malware. Prevalent in Russia and the rest of Eastern Europe, the malware poses as popular applications, free games or screensaver and once installed, sends premium SMS messages to a service controlled by an attacker. The malware also intercepts messages confirming the charges from wireless providers and ultimately, the user is socked with a massive phone bill while the attacker quietly cashes in. A recent report from Lookout Security said toll fraud malware accounted for 91% of mobile malware and FakeInst malware has netted more than $10 million this year for the attackers behind the malware.

Read more...

It might sound like a security researcher’s worst nightmare to string together 300,000 virtual instances of the Android OS, but for scientists at Sandia National Laboratories, it’s just another day.The Department of Energy-sponsored national security-focused laboratory released the MegaDroid project on Tuesday, a cluster of 300,000 networked virtual machines running Android on commodity hardware. The project gives scientist a massively scaled platform to test anything that could cause a network disruption, including malware or an attack on critical infrastructure.

Read more...

Categories: Malware, Mobile Security

Mobile malware has largely been limited to Trojans buried inside a malicious app targeting sensitive data stored on the phone such as email, contact information and SMS messages. A new proof-of-concept piece of malicious software, however, expands the scope of mobile malware and essentially turns an Android device into a surveillance tool, bringing a while new range of security and privacy implications into the equation.

Read more...