Dresscode-Android malware that can infiltrate corporate networks is spreading


According to Trendmicro, DressCode-a family of Android malware, has been found circulating in at least 3,000 Trojanized apps. An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks.
DressCode hides itself inside games, user interface themes, and phone optimization boosters. It can also be difficult to detect because the malicious coding only makes up a small portion of the overall app. On Google Play, Trend Micro found more than 400 apps that are part of the DressCode family, it said. That's 10 times more than what security researchers at Check Point observed a month ago.
Trend Micro added that one these apps on Google Play had been installed 100,000 to 500,000 times. Once installed, Dress Code's malicious coding will contact its command and control servers and receive orders from its developers.
The malware is particularly dangerous because it can infiltrate whatever internet network the infected device connects to. Imagine a user bringing a phone to the office and connecting to the corporate network. The makers of Dress Code could use the phone as a springboard to hack into the corporate network or download sensitive files, Trend Micro said.
"With the growth of Bring Your Own Device (BYOD) programs, more enterprises are exposing themselves to risk via carefree employee mobile usage," the security firm said.
According to Trend Micro, 82 percent of businesses have BYOD programs, allowing their employees to use personal devices for work functions. The Dress Code malware can also be used to turn infected devices into a botnet. This allows the infected devices to carry out distributed denial-of-service (DDOS) attacks or be used to send spam.
Trend Micro has found Dress Code infecting enterprise users in the U.S., France, Israel, Ukraine, and other countries. The security firm is advising that users always check the online reviews for whatever apps they download.  
Users can also install Trend Micro's mobile security products to protect themselves.
                                                                                          - ASHISH CHHATANI

Comments

Popular posts from this blog

Clickjacking leads Android ransomware to gain the administrative rights!

Importance of secure SDLC