New Android Malware Steals Millions After Infecting 10M Phones

BACKGROUND:

In response to reports that a malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge, experts at cybersecurity firms Cerberus Sentinel and RiskLens offer the following comments. 

Experts Comments

September 30, 2021
Nick Sanna
CEO
RiskLens

As more organizations consider and adopt 'bring-your-own-device' policies, it becomes increasingly important for CISOs to understand and communicate the impact of mobile malware threats in terms the business understands. Only when these risks are understood in financial terms can security leaders effectively prioritize security spending to mitigate the immediate and follow-on effects of compromise.

September 30, 2021
Paul Bischoff
Privacy Advocate
Comparitech

The alarming part of this story is that Google Play allowed more than 200 malicious app updates on its app store. Android users implicitly trust Google Play because it comes pre-installed on most Android devices. Where can they turn to if they can't trust Google Play? Almost every alternative Android app store is even worse on security.

Play Protect, the antivirus scanner used to check Android apps for malicious behavior, fails to flag a lot of malware on Google Play. According to AV Test, Play Protect detected only 52.3% of malware attacks in real time, and 55.1% of malware samples. The average for these two categories among all AV programs tested was 96.9% and 97.3%, respectively. That is not an effective antivirus. Humans probably aren't reviewing apps before they're published, either.

Google might lower the antivirus' strictness in order to catch fewer false positives that prevent legitimate apps from publishing. But the result is that more malicious apps make it past Google's scans.

September 30, 2021
Chris Clements
VP
Cerberus Sentinel

It’s unfortunate that it’s gotten to the point that you can’t fully trust apps in official first-party stores any longer. These store vendors really must do a better job of policing the behavior of the applications they distribute. In some cases, ignorant users may be to blame, such as when they may attempt to download pirated copies of apps from third-party stores, but most users aren’t, nor should they be able to, spot malicious apps or app activity stemming from an official source.
