June 19, 2019

The Data Security Of Your Company Could Be Threatened By The Following 3 Android Malware Threats

Google Android, malware alert

Malware Threats Abound

Malware threats are becoming more and more common in data devices across the board. As 2013 progresses, Zephyr Networks has seen that smartphones and tablets running the Google Android platform are now at great risk of external attacks by hackers and potential data breaches. The most aggressive malware threats for companies on the Android platform are tied to high-risk apps that collect as much user data as possible. The three top threats to your company are Android data thieves, malicious Android downloaders and Android rooters.

A Look at  3 Malware Threats to Google Android Devices

1) Android Data Stealers

Android data thieves are deigned to bilk users of information such as their operating system version, product ID, International Mobile Equipment Identity (IMEI) number and other information that could be used in future attacks. The data stealers consisted of 24.9 percent of all Android threat types in 2012, according to Trend Micro’s analysis. A perfect example of such a data stealer that wrecked havoc in the past was DroidDream. Researchers at Lookout Mobile Security, Inc. detected the malicious app in 2011. The malware was found embedded in more than 50 mobile apps in the official Google Play store.

If such an app could get past Google app security, imagine what it could do to your company? It was thought to be downloaded 5,000 times before it was removed. The malicious code was designed to break out of Android’s application security sandbox to send information from the phone to a remote server. Without question, more Android data thieves are presently in operation and hackers are developing more.

2) Malicious Android Downloaders

Side by side with Android data thieves, malicious Android downloaders have been wreaking havoc with personal information security and business data security. Malicious downloaders accounted for 22.8 percent of all Android threat types in 2012, according to Trend Micro. Once a malicious downloader has infected a victim’s Android device, it is designed to contact a remote server to await instructions or download additional Android malware.

What is so terrifying is that OpFake malware was seen bundled with a legitimate version of the Opera Mini browser. The designer of the malware mimicked the installation process of the Opera Mini browser, requesting permission from the user to modify rights to SMS and MMS messages, read contacts and modify the contents of the device’s SD card. The victim was then prompted with a second permission request to install Opera Mini. Once installed, the malware was able to control and access the data on the phones. Although mainly used to download more paid apps and rack up false charges, the same technology can be used to extract information as well.

3) Android Rooter

Luckily, the most terrifying of the three types of Android Malware is also the least common. Rooter malware has the capability to root infected devices, giving an attacker complete control of the Android smartphone or tablet. Trend Micro found that rooter malware made up only 4.4 percent of all Android threat types. Root privileges grants a remote attacker access to files and the device’s flash memory. The threat is designed for targeted attacks to remain stealthy and persistent on the device, evading detection by most mobile antivirus applications.

One such threat called Gonfu was detected in 2011 and can root a device by installing a malicious package called Legacy. Once Legacy is installed, it is hard to remove and provides the hacker with remote control of the device and access to your company’s data that can be accessed on the device. Can you imagine the potential security consequences?

Zephyr Networks has both the experience and expertise needed to protect your company’s data and maintain your network security across the board. If you are having a problem with Android malware, we can help. To take the next step in security, please call Zephyr Networks toll free at (800) 884-7559 or fill out our handy contact form.