This blog is an update to our recent post about security measures designed to help prevent rogue mobile apps. Earlier this week, Palo Alto Networks announced that it had found an advertising company based out of Asia that is infecting mobile phones running on the Android OS system with malware. The malware may slip by Google and Apple’s detection systems because it only activates when other applications are installed, at which point it tags along on the installation process. Seven infections have been reported since Monday.
Earlier this year another security firm found similar rogue apps being disseminated by an ad firm in Russia. The “BadNews” ad network created approximately three dozen apps to infect users, and had about 2.2 million downloads. Matthew J. Schwartz from Information Week noted, “They’ve discovered a series of attacks that have been serving up malicious code by Hacking: The using of a computer and/or program in order to gain unauthorized access to data in a computer, system or network. LookingGlass Cyber (n) - not the axe swinging you’re thinking of. This type of hacking is unauthorized access to another computer, or system. into an ad network’s software development kit (SDK). Developers add these SDKs to their Android apps to tie into mobile advertising networks and earn referral fees.”
Cyveillance suggests that companies limit company-issued mobile devices to legitimate apps downloaded from official, sanctioned app stores to help employees reduce the risk of downloading a rogue app with malware. More tips can be found in our recent webinar, Six Types of Rogue Mobile Apps and How They’re Hurting Your Brand.