I've been hearing more and more about malware posing as legitimate security programs on mobile devices. Are there...
any ways to detect these malicious programs, either through the network or on the devices themselves? How can I help employees detect such programs in a BYOD environment?
Fake antimalware programs have been successfully posing as real apps in attacks against Windows PCs for years. Now attackers are starting to employ the same social-engineering techniques in malware attacks against mobile devices; successful attack techniques are incorporated into attack toolkits just as new features are added to traditional software.
Enterprises can help employees in a bring your own device environment to prevent and detect malicious apps primarily though security awareness. First, be sure to tell employees to only use approved app stores that require signed applications. Employees should also check the reputation of the app in the app store and review its positive or negative reviews.
Standard enterprise security tools can also be used. For example, VPN systems can run a host security scan to detect malware or insecure configurations, and network monitoring tools could notify employees if their device is detected as infected. Employers should also put in their mobile security policy that end users must install a mobile security application or use an enterprise mobile device management system; these could detect and remove malware.
To mitigate the risk of SandroRAT, enterprises could strip Android application files from email as there are few legitimate reasons to install Android applications from emails. Additionally, instructing users to only install apps from trusted app stores will help prevent malicioius applications from getting installed by clicking a link in an email or SMS message to download what may or may not be a "real" app.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Mobile security threats and prevention
Related Q&A from Nick Lewis
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to ...continue reading
The com.google.provision virus reportedly targets Android users, but little is known about it. Nick Lewis discusses the mystery threat and how Common...continue reading
A bug in Microsoft's Internet Explorer update exposes information that users enter into the browser's address bar. Learn more about the bug and URL ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.