Android malware continues to get more creative, with a new variant of the ZeuS package floating about. For those who aren’t familiar with the world of Android malware, ZeuS was is a Trojan that would be installed by users onto their devices promising protection, security and the usual antivirus speech. Once installed, after a user visited certain social media sites, it would inject itself into the code stream and pull personal info from the site (usually Facebook). Personal details in hand, it would then use Facebook logos and data to present the user with offers for upgrades, better security features for his/her Android device and new software. Any and all data would, of course, go straight back to whomever has written the bug.
More recently, Kaspersky has identified a similar attack on Android devices, this time calling itself “Android Security Suite.” Users install the app and are asked for logins and similar information; the bot goes to work on your personal info. Heaven help you if you use your mobile device for banking or transmitting other personal info. Kaspersky identified markers in the code that link it to the slightly older ZeuS Trojan.
This type of attack being so easy to execute on Android devices is likely why a couple of the mobile device management providers seem to be heading more toward containerizing or partitioning devices … an approach that secures the device but essentially turns it into one of the most inconvenient mobile devices since the bag-phone. Users could reduce the likelihood of infection from this kind of malware simply by staying in the Android Marketplace Google Play app store. I love Android devices, but it’s this kind of thing that makes me cringe when we work with folks who believe these are inherently more secure in a corporate setting.
