Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

5 Insidious Threats That Could Be Exploiting Your Device

Jonathan Andresen, Senior Director, Products & Marketing, Asia–Pacific & Japan, MobileIron | May 20, 2016
Did you know 1 in 10 enterprises have at least one compromised device?

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

That's a 10% chance you don't want to take. It's true, mobile platforms have leapfrogged PC security for years, but as mobile device adoption explodes worldwide, we're seeing even more security threats. Cybercrime follows users and users are taking to mobility like never before.

While mobile devices are still safer than PCs, hackers are relentlessly searching for new ways to exploit these operating systems and gain access to valuable data. Five major threats are currently targeting iOS and Android devices using very clever tactics. Like a snake in the grass, you may not even know you've been compromised until it's too late.

Dogspectus

How it works:

Dogspectus is silently installed when malicious ads load on the target device. It exploits several Javascript vulnerabilities to install the Dogspectus ransomware, even without any user interaction. Instead of threatening to delete or encrypt data, it completely stops all other apps, and prevents the use of the phone until the victim sends ransom in the form of iTunes gift cards.

How it affects your business:

Older android devices are most susceptible to the attack. Keeping devices up to date should help you stay protected from any potential leakage of sensitive business data. Maintaining backups will also enable you to sidestep the ransomware with a factory reset.

Stagefright Targets 99 Percent of Android

How it works: Stagefright takes advantage of a vulnerability found in the Android media library. The attacker sends a malicious multimedia message via MMS. When the vulnerable Android device receives the message, it is automatically downloaded and infects the device through the multimedia preview function. It's important to note that the user doesn't have to do anything, such as click a link or download an app, for the malicious code to wind up on their phone. It happens as soon as the MMS is received. 

How it impacts your business:

Enterprises should be on high alert because Stagefright can steal data, hijack the microphone, use the camera, and essentially behave like spyware on the infected device.

XcodeGhost Attacks any iOS Devices with Thousands of Infected Apps

How it works: XcodeGhost attacks both jailbroken and non-jailbroken devices with infected apps that have made it into the Apple App Store. Apps are accidentally infected with XcodeGhost when iOS (and OS X) developers download Apple's Xcode SDK from malicious sites other than the official Apple download site. When developers use one of these compromised versions of Xcode to develop their apps, they unknowingly hide malware in their apps. 

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.