Lighthouse Technology Solutions Blog

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Archives
    Archives Contains a list of blog posts that were created previously.
Posted by on in Alerts

Warning: Malicious Adware Finds New Way to Spread on Android Devices

b2ap3_thumbnail_security_for_your_it_400.jpgWith many organizations heavily relying on mobile computing, malicious operators have begun targeting the “low-lying fruit” of a business’ IT infrastructure, which is often a company’s mobile devices. Kemoge, a malicious adware strain designed to corrupt Android mobile operating systems, is the latest mobile threat that your business needs to protect itself against.

The network security experts at FireEye have concluded that Kemoge can be found within legitimate applications that are distributed through alternate app stores, and it has already spread to 20 different countries. The adware infects a device by overwhelming the user with unwanted advertisements. Yulong Zhang, a security consultant with FireEye, cites evidence suggesting that this particular strain of malware was created in China, and attached to legitimate applications to get the most bang for their buck. By repackaging this malicious code with legitimate software titles, Kemoge is able to spread effectively.


CIO acknowledges that Kemoge adheres to the following process when infecting a device:

Kemoge not only displays unwanted ads, but it's also loaded with eight root exploits that target a wide range of Android devices [...] A successful attack using those exploits means an attacker would have complete control over the device. Kemoge will collect a device's IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.

Moreover, the malware suggests that users download other applications infected with the malware, and it scans the device for vulnerabilities. It also installs the exploits that are deployed for remote control, while sending information to a remote server. In essence, it hijacks Android mobile devices and allows the hackers behind it to extract information, and install and uninstall applications. This can render a mobile platform useless.

To combat this potential disaster, we first want to suggest that the only place you should be downloading applications for your Android device is from Google Play. Apps from the official Google Play Store will be less likely to include malicious or hazardous code. It’s also best practice to be mindful of the apps you download, whether you use a company mobile device or not.

From an organizational perspective, you’ll want to ensure that your network’s mobile device users understand your policies regarding the acquisition of new applications. It’s also a good idea to educate them about the importance of mobile device security and the effects it can have on their devices, your network, and the organization as a whole.

At Lighthouse Technology Solutions we have solutions that can improve network security, including comprehensive mobile device management (MDM). The MDM provides administrators with options to restrict access to sensitive data, blacklist and whitelist applications, and even take control of a device to ensure your organization’s sensitive data isn’t exposed. Call one of our trusted IT professionals at 703-533-LTSI (5874) to learn more.

Tagged in: Android Malware Security

With over 15 users experience of providing IT solutions and advice. Mixing innovations in technlogy with clients requirements is rewarding and inspiring when we sit down to measure the results.

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest Sunday, 09 December 2018

EasyBlog Latest Blogs

Things That Go Bump in the Server Closet
Miscellaneous
Halloween is a time to conjure up things that give people the creeps. Scary sounds are just one way to send shivers up the spine. Sounds like, howling werewolves, zombie groans, chainsaws, and bloodc...
Continue Reading...

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Lighthouse Technology Solutions!

Read more...

Contact Us

Learn more about what Lighthouse Technology Solutions can do for your business.

callphone

Call us today
703-533-LTSI (5874)

119 Lounsbury Place
Falls Church, Virginia 22046