Wednesday September 19, 2018
Home Science & Technology Reports revea...

Reports reveal 400 Google Play Store Apps Affected with “DressCode” Malware

With the rise of “Bring Your Own Device” (BYOD) programmes, more enterprises are exposing themselves to risk via carefree employee mobile usage

0
//
209
Google Play App, Source: www.engadget.com
Republish
Reprint

New Delhi, October 6, 2016: Four hundred apps have been found to be affected with “DressCode”malware on Google Play Store, a report said on Thursday.

“DressCode” malware allows threat actors to infiltrate a user’s network environment.

If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard, said the report by software security leaderTrend Micro.

NewsGram brings to you current foreign news from all over the world.

Trend Micro’s “Mobile App Reputation Service” (MARS) has counted 16.6 million malware detections as of August this year — a 40 percent leap from detections listed in January.

The apps affected include recreational types like games, skins, and themes to phone optimisation boosters. The malicious code only makes for a small part of the app, making it difficult to detect.

With the rise of “Bring Your Own Device” (BYOD) programmes, more enterprises are exposing themselves to risk via carefree employee mobile usage.

NewsGram brings to you top news around the world today.

According to Trend Micro data, 82 per cent of businesses implement BYOD or allow employee personal devices for work-related functions.

While this programme can increase employee productivity, it can also make companies vulnerable to malware like DressCode.

Check out NewsGram for latest international news updates.

Trend Micro notified Google Play of these threats and the company took necessary steps to remove the compromised apps. (IANS)

Click here for reuse options!
Copyright 2016 NewsGram

Next Story

Aadhaar Helpline Mystery: French Security Expert Tweets of doing a Full Disclosure Tomorrow about Code of the Google SetUP Wizard App

0
planet, google, environment
Google's new tool can help you make our planet healthy. Wikimedia Commons

Google’s admission that it had in 2014 inadvertently coded the 112 distress number and the UIDAI helpline number into its setup wizard for Android devices triggered another controversy on Saturday as India’s telecom regulator had only recommended the use of 112 as an emergency number in April 2015.

After a large section of smartphone users in India saw a toll-free helpline number of UIDAI saved in their phone-books by default, Google issued a statement, saying its “internal review revealed that in 2014, the then UIDAI helpline number and the 112 distress helpline number were inadvertently coded into the SetUp wizard of the Android release given to OEMs for use in India and has remained there since”.

Aadhaar Helpline Number Mystery: French security expert tweets of doing a full disclosure tomorrow about Code of the Google SetUP Wizard App, Image: Wikimedia Commons.

However, the Telecom Regulatory Authority of India (TRAI) recommended only in April 2015 that the number 112 be adopted as the single emergency number for the country.

According to Google, “since the numbers get listed on a user’s contact list, these get  transferred accordingly to the contacts on any new device”.

Google was yet to comment on the new development.

Meanwhile, French security expert that goes by the name of Elliot Alderson and has been at the core of the entire Aadhaar controversy, tweeted on Saturday: “I just found something interesting. I will probably do full disclosure tomorrow”.

“I’m digging into the code of the @Google SetupWizard app and I found that”.

“As far as I can see this object is not used in the current code, so there is no implications. This is just a poor coding practice in term of security,” he further tweeted.

On Friday, both the Unique Identification Authority of India (UIDAI) as well as the telecom operators washed their hand of the issue.

While the telecom industry denied any role in the strange incident, the UIDAI said that he strange incident, the UIDAI said that some vested interests were trying to create “unwarranted confusion” in the public and clarified that it had not asked any manufacturer or telecom service provider to provide any such facility.

Twitter was abuzz with the new development after a huge uproar due to Telecom Regulatory Authority of India (TRAI) Chairman R.S. Sharma’s open Aadhaar challenge to critics and hackers.

Ethical hackers exposed at least 14 personal details of the TRAI Chairman, including mobile numbers, home address, date of birth, PAN number and voter ID among others. (IANS)

Also Read: Why India Is Still Nowhere Near Securing Its Citizens’ Data?