Leading Mobile Security Provider Offers Thoughts On Gugi Mobile Banking Malware

Following the news about new Android malware, Eldar Tuvey, Co-Founder and CEO at Wandera, the leading provider of mobile data management and security, commented below.

Eldar Tuvey, Co-Founder and CEO at Wandera:

“Malicious applications using the overlay technique have become quite prevalent over the past couple of years in the Android ecosystem. This technique enables malicious actors to phish for sensitive information in more efficient ways, evading even two-factor authentication mechanisms.

Fortunately, we have seen the issues addressed by developers and protection mechanisms being implemented along the way. Still, the human factor remains the main reason why such attacks are highly successful, as users blindly trust applications distributed through social media, SMS or ads that are actually unofficial and often malicious.

Furthermore, Banking Trojans like Gugi have a higher success rate in countries where users are keen to use unofficial apps due to the lack of availability on regional official app stores, or other restrictions.

Enterprises should not avoid using Android-based devices, despite the existence of such threats. It is important to outline that security vendors progressively improve their Android security solutions to detect and remediate from such threats, therefore adding another layer of security on top of the native OS.

Users should minimise their exposure surface to threats by keeping default security features enabled at all times, and be less naive when applications request an excessive amount of permission.

Lastly, it is vital for an enterprise to employ a security solution that is not only effective in blocking threats but also helps remediate already compromised devices by providing additional actionable information, which device administrators can act upon. For example, a compromised device might remain compromised if the security solution fails to detect data exfiltration traffic, if the malicious code is not known in the first place.”

Information Security Buzz