New Android exploit tricks users into downloading malware

April 1, 2015 Arctic Wolf Networks

Malware has always been one of those things that people know they should be worried about, but think will never actually happen to them. Most savvy mobile users think the matter is over-hyped and that they know how to protect themselves against malicious actors, but that's usually not the case. To make matters worse, the companies making the operating systems often minimize the issue despite the fact that they constantly work to create better methods of malware protection.

None of that really paints the true picture of malware risks to mobile users, especially those with a device running Android. Millions of Android devices have been infected with malicious software in recent years, and the majority of the time users don't even know their device is compromised due to Android Installer Hijacking. A recent report by security firm Palo Alto Networks has revealed a new vulnerability affecting Android devices that can be leveraged to secretly install malware on nearly half of all existing devices.

According to researchers with the security company, a cybercriminal can trick a system into installing apps hiding malware in the future by offering a legitimate program that has the ability to monitor subsequent installations. With the monitoring app in place, the hacker can instruct a device to download and install malicious programs instead of the apps the users believe they're getting. Once the malware is on the device, it can be used for a variety of nefarious purposes, including stealing sensitive personal information.  Because everything is concealed under the guise of legitimate software, all of these programs are downloaded without the device's owner ever knowing what's happening.

Decrease enterprise threats with network monitoring
While the risk of Android users downloading such a program is almost 50/50, the good news is the threat has actually decreased in recent months. In January, when Android Installer Hijacking was originally found, it could affect nearly 90 percent of Android devices active at the time. Although the risk of this specific cyberattack is decreasing, there are an incalculable amount of other threats to businesses utilizing mobile phones. Enterprises concerned about their ability to protect sensitive networks from malicious applications unknowingly downloaded by employees should implement security information and event management services.

A managed SIEM solution like FireBreak DRMS from ArcticWolf provides companies with continuous network monitoring. Threat information that is collected is analyzed and used to provide businesses with actionable information that can be used to create a more effective defense strategy. Network activity is monitored around-the-clock so no malicious behavior will go unnoticed, offering users increased security and peace of mind.

Cybersecurity news and analysis brought to you by ArcticWolf, inventors of firebreak detection and response security services. FireBreak, when your firewall fails.

Previous Article
Humanity: Cybersecurity’s biggest weakness

The biggest weak spots that lead to cybersecurity errors aren't even machines.

Next Article
Recent British Airways hack highlights common security problem

Password reuse can lead to major problems, as British Airways recently found out.


Want cybersecurity updates delivered to your inbox?

First Name
Last Name
Thanks for subscribing!
Error - something went wrong!