Android Targeted ... Again!
Cell phones have become an integral part of our daily lives in America. If you forget your phone at home, and remember on the way to work, there is a rather significant chance you will turn your vehicle around, time allowing, and return home to secure it. If you don't have it with you, chances are good you are acutely aware that it is not at hand. There is that unnerving feeling of loss until you return home and see your phone and check your messages.
With most people having at least one cell phone, the target market has grown substantially. This eventually drives the malware market. This continues to be the case with Android phones, as a recent attack demonstrates. A malicious group has coded and released into the wild two new variants of a remote administration tool (RAT) that adversely affects Android phones. For the most part, both variants have substantially the same functionality, which has been described as "borrowing" the user's data (e.g. the user's contact list, SMS history, and list of calls made). The phone calls themselves may also be recorded. One of the variants also works to gain root on the cell phone. Once the malware has collected the data, the data is sent to a C&C server. This baseline malware has been titled KevDroid. A secondary variant was also found on the same servers; it used the PubNub platform and targeted Windows.
With either example of malware, there are issues for the user. In the corporate or consumer environment, this creates short- and long-term issues. Users should be reminded, possibly as a training focus, not to click on pop-ups or links that are unknown or don't apply to them. For example, if a person knows they use "A" antivirus but receives an urgent message to update "B" antivirus by clicking a helpful, included link, the email should be reported if in a corporate environment and, if in a consumer environment, deleted without any further action.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.