I've been hearing more and more about malware posing as legitimate security programs on mobile devices. Are there...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
any ways to detect these malicious programs, either through the network or on the devices themselves? How can I help employees detect such programs in a BYOD environment?
Fake antimalware programs have been successfully posing as real apps in attacks against Windows PCs for years. Now attackers are starting to employ the same social-engineering techniques in malware attacks against mobile devices; successful attack techniques are incorporated into attack toolkits just as new features are added to traditional software.
Enterprises can help employees in a bring your own device environment to prevent and detect malicious apps primarily though security awareness. First, be sure to tell employees to only use approved app stores that require signed applications. Employees should also check the reputation of the app in the app store and review its positive or negative reviews.
Standard enterprise security tools can also be used. For example, VPN systems can run a host security scan to detect malware or insecure configurations, and network monitoring tools could notify employees if their device is detected as infected. Employers should also put in their mobile security policy that end users must install a mobile security application or use an enterprise mobile device management system; these could detect and remove malware.
One example of a malicious app posing as a real app is the SandroRAT malware. It is distributed by both spam SMS text messages and as an attachment on emails.
To mitigate the risk of SandroRAT, enterprises could strip Android application files from email as there are few legitimate reasons to install Android applications from emails. Additionally, instructing users to only install apps from trusted app stores will help prevent malicioius applications from getting installed by clicking a link in an email or SMS message to download what may or may not be a "real" app.
Ask the Expert!
SearchSecurity expert Nick Lewis is ready to answer your enterprise threat questions -- submit them now! (All questions are anonymous.)
Dig Deeper on Mobile security threats and prevention
Related Q&A from Nick Lewis
Can Structured Threat Information eXpression improve threat intelligence sharing? Nick Lewis breaks down the evolution of the STIX security framework.continue reading
A new type of WordPress malware, WP-Base-SEO, disguises itself as an SEO plug-in that opens backdoors. Nick Lewis explains how it works and how to ...continue reading
A new exploit of CLDAP servers can be used for a DDoS reflection attack that gives attackers a 70x boost. Nick Lewis explains how to defend against ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.