With the season of giving well underway, you or someone you know is getting a shiny new mobile gadget this season. While it’s been several months since the media-frenzy summer of StageFright, Certifi-gate and Serialization, mobile scares and malicious app development haven’t slowed down—and we know that it is only going to be a bigger problem moving forward.
This morning, I read about a company in South Asia that is distributing a Santa Claus application on Android that appears to access and send almost everything on the device. The author of the article is not speculating how this is happening, but it seems very similar to the Certifi-Gate announcement made during this past summer’s BlackHat conference in Las Vegas.
While Google pulled the Santa Claus application, the developer is one of many using current events to take advantage of mobile consumers. Verizon’s 2015 Data Breach Investigations Report comments that “95% of malware types showed up for less than a month, and four out of five didn’t last beyond a week.”
Those who want to extract information from mobile devices realize that they have to capitalize on what is hot and fun and attention-grabbing. When the inventor of Flappy Birds pulled his app because he thought it was too addictive and time wasting, it didn’t take long at all for the bad guys to jump in and try to gain a share of those that needed to navigate a bird through a maze of pipes.
While this is the season of giving, take care to warn your users in both corporate-owned and BYOD environments that downloading applications could open the door for malicious developers to gain access to confidential information stored on their devices.
Your enterprise can protect themselves from these malicious applications when using AirWatch and its MSA member’s solutions to simplify mobile security administration and remediation by providing a comprehensive protection against malicious apps and threats against any mobile device, their applications and the networks they traverse. For more details on the AirWatch Mobile Security Alliance, please click here and here.
I hope everyone is having a great year end and looking forward to a very rewarding (and secure!) 2016.