The Connected Business: Android and Social Networking Malware Thriving

Both Android and Facebook share common threads: they give their users control; they’re the most popular in their space; and they have difficulty containing their users while not removing value. Elements of these features are what have made these platforms successful. The open-source Android has seen its market share balloon to more than 60 percent during the past two years. And Facebook’s ability to build a platform for users to communicate and create has seen its user base approach one billion. However, because of these platforms’ popularity and, in the case of Android, its open nature, both of them have invited malware into their environments.

The six-year-old Zeus malware, capable of stealing banking and personal information, recently was found residing on popular Facebook pages. The malware sits on these pages waiting for users to click on fake promotions, which trigger its installation. After installation, Zeus waits for users to log in to their bank accounts and then records their credentials. It’s believed that this information is then transferred to Russian cyber criminals, who use it to steal funds from the compromised user’s account or sell the user information to other criminals.

This comes at a time when mobile malware is on the rise and thriving on Android. In a study by NQ Mobile, malware on Android jumped 163 percent in 2012, infecting 32.8 million Android devices. Most of this malware comes from third-party app stores for Android, as Google’s mobile OS has the ability to install unapproved apps outside of Google Play—something foreign to iOS users (unless you have an unlocked iPhone).

Both Android and Facebook are difficult to secure. It’s hard to establish perimeter defenses on mobile devices connected to company accounts across 3G/LTE networks, as well as organizational computers accessing data from insecure Wi-Fi networks. Also, mobile devices are rarely turned off, allowing malware in a phone’s memory to stay active for extended periods. This allows the same types of attacks, such as the Zeus malware, to reach banking information, employee email, company documents, and credentials on the device. This data can then be reused against other admin accounts within an organization to do further damage or steal data through cyber espionage.

Both platforms are working on beefing up their security, but more can always be done. For Facebook, being able to detect commonalities and malicious behaviors—similar to the way spam is detected through most email clients—could be useful. By being able to flag potentially malicious links, Facebook could steer users away from malware. Android also should enable the same type of alerts to flag pirated third-party apps by taking advantage of information it already has for apps downloaded directly from Google Play.

The challenge for employers is preventing attacks of this nature. Most of the attacks targeting organizations are going after much bigger stakes than what can be found on a mobile device or within a personal banking account—they want critical intellectual property on enterprise servers. There are many solutions that can protect you—the best one is a next-generation endpoint and server security solution. When it comes to securing the mobile device itself or an individual Facebook account, user education and best practices are always a healthy start. Locking your phone, installing a phone tracking service/remote wipe, and only installing apps from Google Play are the best ways to prevent mobile malware. For Facebook, being mindful of spam posts, as well as having an endpoint security solution installed on work devices, will prevent the execution of Zeus and/or other malware down the pike. Security solutions, like the advanced threats they’re intended to stop, must always be evolving. With a new zero-day popping up seemingly every day and many variants of older malware still proving to be maliciously effective, ensuring that only trusted software can execute in your environment has never been more important.

via The Connected Business: Android and Social Networking Malware Thriving | Bit9 Blog.
