What is the com.google.provision virus? How does it attack Android devices?
It's difficult to look up a virus when its name is unknown. For vulnerabilities, this issue was addressed with Common Vulnerabilities and Exposures, and for malware, it was dealt with using Common Malware Enumeration (CME) identifiers.
Enterprise information security programs would benefit from tracking vulnerabilities or malware across an enterprise; however, this remains difficult as CME development continues.
This problem is evident today with the com.google.provision virus. Several websites reported the virus, but only a few major antimalware vendors did. This could be because other vendors called it by a different name, or because it wasn't deemed a high enough risk to devote resources to a public comment.
The attack seems to work like generic adware in the sense that, when visiting a malicious website, the website opens a new window that displays ads, and then asks the user to install a browser extension, to install applications to view the webpage or even to clean up a problem, such as fake antivirus software scams.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Mobile security threats and prevention
Related Q&A from Nick Lewis
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been... Continue Reading
A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it... Continue Reading
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.