Sometimes swiping left or right maybe an ugly option. But swiping right may lead to undesirable consequences due to the simple fact of being fooled by downloading and using fake apps which may leave your private videos and photos being leaked all over the Internet. These are a threat to businesses and a headache for Managed IT firms.
There are, at least, five kinds of malicious software that spoofs enterprise applications to fool people into downloading their malware. The data set of these mobile codes show that mobile malware often mimic enterprise apps by ripping off the names of the legitimate apps and their package names.
Big name apps include Dropbox, ADP, Cisco Business Class Email app, Zendesk, FedEx Mobile, Horizon Client from Vmware, Mobile Learn app from Blackboard, and many others. Security issues like these can lead to business concerns that could make or break business deals and even cause an enterprise to crumble.
1. Shuanet
Users and managed IT firms should be looking out for Shuanet. It is a malware that automatically roots a mobile device and installs onto the system partition, which then downloads and installs other malicious applications. The other applications that it downloads could be benign or malicious apps that are pushed onto the mobile as part of ways to download other malicious apps.
Shuanet often also pushes intrusive and quite aggressive adverts onto the mobile device. If a rooted mobile devices has been compromise, it opens the business network to a host of risks when it is connected to the business network. This could also affect software updates of other legitimate apps. Since it installs itself onto the system partition, it is quite a challenge to remove that resetting a mobile device to its factory settings can not wipe the threat.
2. AndroRAT
Another threat that users and Sydney Managed IT firms should look out for is called AndroRAT, which was developed originally as a university project that creates an administration tool that can be accessed remotely.
AndroRAT lets a third party to take control of the mobile device and collects data such as call logs, contacts, device location, text messages, and it can listen in on conversations because it has access to the mobile’s microphone. This could lead to corporate and personal espionage, theft or business data, and hackers would be able to connect to business VPNs and Wi-Fi networks that the infected mobile device has previously accessed.
3. UnsafeControl
One more threat that users should keep watch for is UnsafeControl – malware that collects contacts information and sends it to the hacker’s server. UnsafeControl also has the capability to spam mobile contact lists and send spoofed SMS messages to people in the contact list so they would think that the messages came from the actual person that was hacked. If a cyber attacker used this malware to text the head of purchasing or head of finance to send a certain amount of funds to a certain bank/bitcoin/PayPal account then it could lead to serious business losses.
4. PJApps
This malware that users should be keeping a close watch for are leaks that hack the phone number, IMEI (mobile device unique identifier), and device location. It is usually used to send messages to premium numbers that are of course not free, and it can also download other applications onto the infected mobile device. This could lead to a huge surprise business phone bill, corporate espionage (since the attacker would know the location of the person carrying the business mobile device), and theft of valuable data in the device which could throw a wrench onto ongoing business plans and deals.
5. Ooqqxx
This downloads itself so that the device connects to an advertising network which pushes plenty of irritating adverts onto the notification bar, puts shortcuts onto the home screen, creates pop-up ads, and covertly downloads large files. This can be the most annoying of all the malware as it is direct and in your face – noticeable and indeed irritating.
What’s the cure for all of these mobile threats? No, not to buy an iPhone – these threats attack all operating systems and devices. Be it at a much lesser frequency, iOS have had numerous hacks to their ecosystem which only underlines the fact that taking precaution should be the number one method of prevention. Most of these malware’s are spoofs – fake apps, fake websites, fake ads – tapping on any of these on your mobile could lead to undesirable consequences. Or failing that, ensure your managed IT company has top notch IT security at your office or home because the last thing you need are your private photos going viral.