Mobile computing is on the rise, for businesses and personal use alike. Many businesses have become more reliant on it, and malicious operators have paid attention to the new possibilities this provides for cybercriminal activity. For hackers, mobile devices are regarded as ‘low-hanging fruit’ – easy pickings for cybercriminals.
What is Kemoge?
Kemoge is a good example of a malicious adware strain that attacks Android operating systems. As the name suggests, it works by bombarding users with ads. Networks security experts at FireEye discovered that it was spread within legitimate apps that can be downloaded from alternative app stores, and that it had rapidly spread to twenty countries. A FireEye security consultant, Yulong Zhang, theorized that it originated in China.
The problem doesn’t begin and end with ads either.
According to the experts: ‘Kemoge not only displays unwanted ads, but it’s also loaded with eight root exploits that target a wide range of Android devices […] A successful attack using those exploits means an attacker would have complete control over the device. Kemoge will collect a device’s IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.’
And the trail of destruction continues. The ads it sends try to persuade you to download other malware-laden apps and checks Android devices for vulnerabilities that can be exploited. In short, it hijacks Android devices and gives the hackers the power to steal information and install or uninstall programs onto the phone.
A phone infected with malware of this kind is not only useless – it’s dangerous. Fortunately, there are ways to keep your data and your phone safe from cybercriminal activity. Top of the list is being careful about where you get your apps from. We suggest that you only get your Android apps from the Google Play Store, where they’ve been verified and are far less likely to be loaded with hazardous code and malware. Apps are so easy to download and install. Think before you click, whether it’s a work phone or your own personal device.
In your business, you need to formulate policies about mobile device usage and the installation of new apps. Make sure your staff understand just how much of a threat malware can be, and that it can affect smartphones, not just laptop and desktop computers. They should realize that poor mobile device security can jeopardize your network and even the functioning of your whole business, if you’re really unlucky.
Our IT professionals at Quikteks specialize in improving network security and mobile device management (MDM). With MDM, administrators are empowered to control access to data, blacklist or whitelist undesirable apps and, if necessary, take control of a device as a damage control exercise. Call us at (973) 882-4644 for advice and further information.