New Android Malware Steals Millions After Infecting 10M Phones

BACKGROUND:

In response to reports that a malware campaign has infected more than 10 million Android devices from over 70 countries and likely stole hundreds of millions from its victims by subscribing to paid services without their knowledge, experts at cybersecurity firms Cerberus Sentinel and RiskLens offer the following comments. 

Subscribe
Notify of
guest

3 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Paul Bischoff
Paul Bischoff , Privacy Advocate
InfoSec Expert
September 30, 2021 11:52 am

<p>The alarming part of this story is that Google Play allowed more than 200 malicious app updates on its app store. Android users implicitly trust Google Play because it comes pre-installed on most Android devices. Where can they turn to if they can\’t trust Google Play? Almost every alternative Android app store is even worse on security.</p>
<p>Play Protect, the antivirus scanner used to check Android apps for malicious behavior, fails to flag a lot of malware on Google Play. According to <a href=\"https://www.av-test.org/en/antivirus/mobile-devices/android/july-2020/google-play-protect-20.7-202909/\" data-saferedirecturl=\"https://www.google.com/url?q=https://www.av-test.org/en/antivirus/mobile-devices/android/july-2020/google-play-protect-20.7-202909/&source=gmail&ust=1633088526814000&usg=AFQjCNE-MxFvmcPTN77mQcdYLVV2Z45VIQ\"> AV Test</a>,  Play Protect detected only 52.3% of malware attacks in real time, and 55.1% of malware samples. The average for these two categories among all AV programs tested was 96.9% and 97.3%, respectively. That is not an effective antivirus. Humans probably aren\’t reviewing apps before they\’re published, either.</p>
<p>Google might lower the antivirus\’ strictness in order to catch fewer false positives that prevent legitimate apps from publishing. But the result is that more malicious apps make it past Google\’s scans.</p>

Last edited 1 year ago by Paul Bischoff
Nick Sanna
Nick Sanna , CEO
InfoSec Expert
September 30, 2021 11:51 am

<p>As more organizations consider and adopt \’bring-your-own-device\’ policies, it becomes increasingly important for CISOs to understand and communicate the impact of mobile malware threats in terms the business understands. Only when these risks are understood in financial terms can security leaders effectively prioritize security spending to mitigate the immediate and follow-on effects of compromise.</p>

Last edited 1 year ago by Nick Sanna
Chris Clements
Chris Clements , VP
InfoSec Expert
September 30, 2021 11:46 am

<p>It’s unfortunate that it’s gotten to the point that you can’t fully trust apps in official first party stores any longer. These store vendors really must do a better job of policing the behavior of the applications they distribute. In some cases, ignorant users may be to blame, such as when they may attempt to download pirated copies of apps from third-party stores, but most users aren’t, nor should they be able to, spot malicious apps or app activity stemming from an official source.</p>

Last edited 1 year ago by Chris Clements
Information Security Buzz
3
0
Would love your thoughts, please comment.x
()
x