Feeds

Android malware under blog control says Trend Micro

Beware the Chinese e-book reader

Combat fraud and increase customer satisfaction

Trend Micro is reporting a Chinese Android malware that operates partly under the command and control of a blog.

The ANDROIDOS_ANSERVERBOT.A malware is disguised as an e-book reader offered on a third-party Chinese app store. It uses two command and control servers, one of them served out of a blog with encrypted posts. Posts to the blog identify the URL of the primary C&C server.

This presumably gives the malware’s makers a handy way to move their C&C server around to avoid detection. The blog also hosts new copies of ANDROIDOS_ANASERVERBOT.A which are downloaded when the software connects (see Trend Micro’s flowchart for the process).

The security company also notes that upon installation, the supposed e-book reader asks for an unreasonable number of permissions – should the user be foolish enough to allow installation after reading the permission requests, the malware can access network settings and the Internet, control a device’s vibration alert, disable key locks, make calls, read low-level logfiles, read and write contact details, restart apps, wake the device, and use SMS.

Targeted at Chinese users, the app also disables security software from Qihoo360 and Tencent, among others.

Android security has been increasingly under a cloud, with HTC scrambling for a fix after turning its phones into data-spewing monsters; a banking Trojan designed to intercept security texts; a security researcher discovering a dozen malicious apps on the official Android market; and earlier this month, Google was criticized as ignoring a bug that allowed malware to be installed without warning.

Trend Micro’s post is here. ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.