Malware and viruses are so common nowadays in the technology world that it’s no surprise when new ones are created. Thus, it should come as no surprise that hackers are looking to spread smartphone malware to unsuspecting users around the world. Kemoge, a new malicious adware for the Android mobile operating system, has spread to 20 countries, and is taking the mobile device world by storm.
The researchers at FireEye have come to the conclusion that Kemoge is found within legitimate applications that are distributed through a third-party application store. Kemoge has been found to brutally assault the smartphone it infects with unwanted advertisements. Yulong Zhang of FireEye writes that this malware was probably created by Chinese hackers, who have repackaged Kemoge into legitimate apps that are then used to spread the malware. Naturally, the results are devastating. By promoting the applications on websites and other avenues, the malware has managed to spread quite effectively.
According to CIO, Kemoge follows the following process when infecting your device:
Kemoge not only displays unwanted ads, but it’s also loaded with eight root exploits that target a wide range of Android devices […] A successful attack using those exploits means an attacker would have complete control over the device. Kemoge will collect a device’s IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.
In other words, the malware convinces users to download infected apps, the malware scans the device for software vulnerabilities, installs exploits that are designed to allow for remote control, and sends information to a remote server. It’s a dangerous app that, more or less, can result in the complete and total control over your device’s applications, allowing hackers to install, uninstall, or activate applications on the device. It’s been shown that Kemoge can even uninstall any antivirus and antimalware apps, allowing for the further corruption of your device if left unchecked.
First of all, we want to emphasize that downloading legitimate apps through a third-party application distribution center is risky at best. If you’re downloading an app from the Google Play store, it’s much less likely to be malicious than if it’s found on a third-party store. Still, you should always be mindful of all the applications you download, and be sure to pay attention to what permissions you’re giving to your newly downloaded apps.
Second, you want to ensure that your employees who use their mobile devices for work purposes don’t accidentally contract this malware. You can do this by educating them about the importance of mobile device security, as well as integrating a mobile device management solution that allows the restriction of access to sensitive data on an app-by-app basis. You don’t want hackers getting their hands on sensitive data; it could result in some heavy fines and compliance issues that, in turn, lead to a broken budget.
Give Tektonic a call at (416) 256-9928 for more information about how we can help your organization stay secure.