New Android Malware Disguised as Security AppAdded 6th Nov 2012
Google's Android mobile platform is the target of a new variant of a widely used malware capable of stealing personal information.
The latest Zeus malware masquerades as a premium security app to lure people into downloading the Trojan, Kaspersky Lab reported Monday. The fake security app, called the Android Security Suite Premium, first appeared in early June with newer versions released since then. (Learn about real, user-reviewed security apps for Android and iPhone.)
Such malware presents a threat to consumers, as well as businesses that allow employees to use their personal devices on the corporate network. A Dimensional Research survey of IT professionals found that more than 70 percent said mobile devices contributed to increased security risks and that Android introduced the greatest risk. Issued in January, the report was sponsored by firewall vendor Check Point Software Technologies.
The new Zeus malware steals incoming text messages and sends them to command-and-control servers operated by the attackers. Depending on the apps installed on the Android device, the text could include sensitive data, such as password-reset links.
"It is also important to mention that these malicious apps are able to receive commands for uninstalling themselves, stealing system information and enabling/disabling the malicious applications," Denis Maslennikov, a Kaspersky security researcher said in a blog post.
The malware installs a blue shield icon on the smartphone or tablet menu and shows a fake activation code when executed, Kaspersky said. The app uses a series of six command and control servers, one of which was linked to Zeus malware found in 2011.
"The newest variant of ZitMo demonstrates the commitment to effective mobile spyware development and distribution that cybercrime has made," Kurt Baumgartner, senior security researcher at Kaspersky Lab, said by email.
Android application infections increased dramatically in the first quarter of this year, driven by a surge in attacks on personal data, according to the E-Threat Landscape Report released in April by security vendor Bitdefender. Cyber-criminals often hide the malware in apps sold in online stores.
The Dimensional survey found that 65 percent of the 768 IT pros polled allowed personal devices to connect to corporate networks. Apple's iOS, used in the iPhone and iPad, was the most common platform, with Android coming in third behind Research in Motion's BlackBerry. Android was found in companies represented by one in five of the respondents.
A factor that increases the risk of malware such as Zeus is the lack of employee awareness. More than six in 10 of the IT pros surveyed said employee ignorance had the greatest impact on mobile security.
The types of corporate information most often found on mobile devices were e-mail and contacts. Other information cited by the respondents included customer data, network login credentials and data made available through business applications.
Zeus was first discovered in 2007 as a keystroke logger and form grabber that ran in a browser. The malware is primarily downloaded through phishing schemes or by visiting malicious Web sites. The mobile version of Zeus, called ZitMo, was first discovered a couple of years ago.
In other Android security news, Tokyo police have arrested six men accused of distributing malware through an application downloaded from a porn site, the newspaper Yomiuri Shimbun reported. When launched, the Android app would demand fees and steal the victim's personal information.
The suspects are accused of swindling more than 200 people out of $265,000. Two of the suspects were executives at separate IT companies.
Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.
Next year will see demonstrable evidence of the Internet of Things, real-time communications on the Web, and SDN-enabled platforms with killer applications for them.
A Stratecast survey has found that more than 80 per cent of employees admit to using unauthorised Software-as-a-Service (SaaS) applications during work.
Microsoft moved to reassure business and government customers worldwide that it is committed to informing them of legal orders related to their data, and will fight in court any 'gag order' that prevents it from sharing such information with customers.
Distributed denial-of-service attacks against financial firms and other industries have been mounting, so today the Cloud Security Alliance (CSA) announced it is establishing the Anti-Bot Working Group to help fight this threat.
Many CIOs also see the cost of deploying new innovations as prohibitive and complexity as a major concern, according to a new survey commissioned by Mobile Helix, a mobile security vendor.
The price of bitcoins may be soaring, but China isn't too thrilled with the virtual currency. On Thursday, the nation moved to regulate use of bitcoins, stating that its financial institutions could not deal in the virtual currency.
New attack campaigns have infected point-of-sale (PoS) systems around the world with sophisticated malware designed to steal payment card and transaction data.
Ruby on Rails users are advised to upgrade to newly released versions of the Web development framework that contain important security fixes, according to the Rails development team.
Mobile technology is increasing the complexity, usage and costs of mainframe applications, according to Compuware research.
Asian markets are ready for advanced mobile technology and fast connectivity, according to new insights released by Telenor Group in Asia.
Large smartphones with 5-in. or larger displays -- often called phablets -- are eating into sales of smaller tablets with screens in the 7-in. range.
Analysts have predicted that the Internet of Things will continue to grow in 2014, and more enterprises will start to realise the potential benefits.
When end users circumvent the IT department and start using software-as-a-service (SaaS) applications without permission, the IT pros complain about the plague they call "shadow IT." But it would seem the professionals are also operating in the shadows, according to a survey out today.
Once upon a time, not so long ago, the IT admin chose exactly what hardware and software would be used by employees. Recent trends like the consumerization of IT and BYOD (bring your own device) have shifted the balance of power, but IT still has to maintain some degree of control over the applications used and where sensitive data is stored. Many users just download apps or start using unsanctioned services, though, and introduce unnceccesary security risks through "shadow IT."
Once heavily reliant on the Chinese market, Lenovo is now looking to make acquisitions as it tries to expand its growing enterprise business to other countries.