According to news reports, a new strain of Android malware has infected 25 million devices and modified legitimate apps with a malicious ads module.
It’s believed the malware originated from a Chinese internet company that helps Chinese Android developers publish and promote their apps in foreign markets. The malware was disguised as Google-related updaters and “vending modules,” which hid its own app icons and automatically replaced already-installed legitimate apps with its own version without the user knowing.
The malware first appeared in popular third-party app store 9Apps and targeted mostly Indian, Pakistani and Bangladeshi users. However, of the 25 million affected devices, 303,000 infections were detected in the US, and 137,000 in the UK.
Apps that were modified include WhatsApp, Opera Mini, Flipkart, as well as software from Lenovo and Swiftkey.
Unfortunately, this is not surprising to us. The reality is, malware on Android phones is prevalent. In a recent Wall Street Journal article, JT Keating, our VP of Product Strategy pointed out the following: “Apple’s practice of vetting apps and developers, as well as its prohibition of third-party app stores, has resulted in it having about one-tenth the amount of malware on its iOS operating system as Google does on the Android operating system.”
Zimperium customers are protected from this. The Zimperium platform leverages our award-winning, disruptive and patented machine learning-based engine, z9, to protect mobile data, apps and sessions against device compromises, network attacks, phishing attempts and malicious apps.
Today, the “bad guys” target mobile devices more and more because they realize mobile devices are an endpoint, containing the same information as the traditional endpoint (e.g., servers, desktops and laptops) and personal information such as banking account passwords, travel reward numbers, etc.
Mobile devices are now the de facto platform for productivity in business. The traditional computing devices upon which enterprises have focused their security and compliance efforts represent only 40 percent of the relevant endpoints. The remaining 60 percent of devices are mobile.
Learn More About Malware
If you would like to learn a little more on the topic, we recently conducted two free webinars on malware. In “The Mobile Security Deadly Sin of Allowing Mobile To Deliver Ransomware” (ransomware being a type of malware) we discussed:
- Real-world scenario of how hackers attempted to deliver ransomware to a company via a mobile device;
- How ransomware differs on desktop vs mobile; and
- What can be done to prevent ransomware from being delivered via mobile devices.
In “Protecting Your Customers from BankBot,” we discuss how BankBot, an Android-targeting malware, used fake overlay screens to mimic existing banking apps to fool users and steal credentials. In this webinar we discussed:
- How BankBot affects mobile banking users;
- How to protect your mobile app and users from mobile malware like BankBot; and
- Real world example of what one bank experienced in the first 30 days after deploying protection in their mobile banking app (Hint: Hundreds of thousands of threats, and visibility to prevent fraud in exposed accounts, protecting over a billion dollars for customers).