Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

7/3/2016
08:00 AM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail
50%
50%

6 Ways To Keep Androids Safe

Security managers have their hands full protecting Android devices, but there are common sense steps they can take to beat back attackers.
Previous
1 of 7
Next

Android malware has found its way into security industry news again in the past several days.

First, Trend Micro reported last week that the so-called “Godless” mobile malware can target any Android running Android 5.1 (Lollipop) or earlier. The company said the malware has affected more than 850,000 devices worldwide and can be found in prominent app stores such as Google Play.

Then on Wednesday, Cheetah Mobile estimated that a Chinese hacking organization was making $500,000 a day via a Trojan dubbed “Hummer.” Calling it the most prolific Trojan in history, the company reported that during the first half of 2016 alone, Hummer infected nearly 1.4 million devices worldwide. In China alone there were 63,000 infections a day.

Despite Google’s attempts over the past several years to do a better job issuing patches and vulnerability reports, the news about Android phones being attacked should come as no surprise.

Farokh Karani, director of North American Sales & Channels for Quick Heal Technologies, said the company’s research found that 90 percent of Android devices two years or older have an operating system that’s vulnerable. That’s significant because Statistica reports that about half of the installed based of Android phones are at least two years old. 

“We’ve found that there are a lot of users who don’t upgrade every two years, like many techies do, and they are vulnerable to malware,” he said.

And Mike Murray, vice president of research and response at Lookout, added that as companies continue to rely on enterprise-class mobile devices and smartphones in the enterprise to replace laptops they are more vulnerable to attack.

“Attackers are increasingly shifting their focus to mobile platforms, seeking out vulnerabilities to exploit and developing more sophisticated attacks,” he said.  

Dark Reading spoke to Lookout and Quick Heal Technologies to learn more about what security managers can do to protect their users. Here’s what they recommend to keep the hackers at bay, including a detailed list of Quick Heal’s Top 10 Android malware strains from a recent quarterly report.

.

 

Steve Zurier has more than 30 years of journalism and publishing experience, most of the last 24 of which were spent covering networking and security technology. Steve is based in Columbia, Md. View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
theb0x
100%
0%
theb0x,
User Rank: Ninja
7/4/2016 | 9:53:17 AM
More ways
1) Disable all unnessisary services / applications

2) Keep Bluetooth off unless currently being used to help prevent Bluejacking attacks

3) Install a firewall. There are plenty of firewalls that do not require root. (ie No Root Firewall) They use a locally bound VPN loopback to allow the filtering of all network traffic

4) Turn off WiFi when not being used to prevent authentication with rogue access points and MITM attacks

5) Use a VPN on all Wifi networks

6) Be aware of apps with excessive permisions

7) Disable EXIF geolocation metadata on your camera

8) Encrypt your phone

9) Set a screen autolock that requires a pin / pattern

10) Disable ADB Developer Tools

11) Disable visable passwords typed in all apps

12) Install Netcut Defender to prevent ARP Spoofing and Internet Gateway Spoofing attacks

 

 

 
Anwarali
50%
50%
Anwarali,
User Rank: Apprentice
7/5/2016 | 1:37:41 AM
Re: More ways
good post.

Gen Chang
50%
50%
Gen Chang,
User Rank: Apprentice
7/5/2016 | 11:01:34 PM
Re: More ways
I'm surprised you didn't list a browser with adblocking capabilities. All the rest of your suggestions are great. The last one, I'm not familiar with, and so, will look it up. I'm using a new global ad blocker for no-root that's just been published to GitHub. Block This is the name, and if you Google the name, there's lots more information. XDA has a couple threads and readit too.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14300
PUBLISHED: 2020-07-13
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in th...
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.