Threat Intelligence Blog

Posted August 15, 2013

This blog is an update to our recent post about security measures designed to help prevent rogue mobile apps. Earlier this week, Palo Alto Networks announced that it had found an advertising company based out of Asia that is infecting mobile phones running on the Android OS system with malware. The malware may slip by Google and Apple’s detection systems because it only activates when other applications are installed, at which point it tags along on the installation process. Seven infections have been reported since Monday.

Earlier this year another security firm found similar rogue apps being disseminated by an ad firm in Russia. The “BadNews” ad network created approximately three dozen apps to infect users, and had about 2.2 million downloads. Matthew J. Schwartz from Information Week noted, “They’ve discovered a series of attacks that have been serving up malicious code by hacking into an ad network’s software development kit (SDK). Developers add these SDKs to their Android apps to tie into mobile advertising networks and earn referral fees.”

Cyveillance suggests that companies limit company-issued mobile devices to legitimate apps downloaded from official, sanctioned app stores to help employees reduce the risk of downloading a rogue app with malware. More tips can be found in our recent webinar, Six Types of Rogue Mobile Apps and How They’re Hurting Your Brand.

Additional Posts

Risks from Photo Geotagging

The Truth, The Hype and The Implications for Physical Security Teams A number of our Cyber ...

China Reports Increase in Trojan and Botnet Attacks

During the past year we have heard countless reports of U.S.-targeted web attacks coming from ...