It has been one of the busiest weeks for managed service providers in Darwin and the world over, with all the security vulnerabilities of various operating systems, devices, and seemingly nonstop launches of new malicious software.
If you are a small to medium business owner and you have not procured the services of one of the many dependable managed service providers in Darwin yet with all that has been going on these past few days, then there is a very high probability that your computers and your systems have already been infected. Here are just some of the alarming threats that were discovered this week.
Hummingbad Android Trojan And The Likes
Managed service providers in Darwin have been on high alert for the past couple of weeks because the hummingbad trojan infected over 10 million devices with Android operating systems within only a matter of a few weeks. This malicious software surprisingly has a stable support system and is run like a valid business having a staff made up of 25 individuals in China! Their business generates around $300,000 USD each month from sale of valuable information that they are able to collect from smart phones and from bogus advertising pay per click revenue.
Researchers from Check Point Mobile was able to understand the inner workings of the group of Chinese cyber criminals called Yingmob, the creators of the hummingbad malware. They kept a close watch of the activities of the cyber attackers for over five months. Managed services providers in Darwin and around the world were surprised to learn that Yingmob also offers legitimate products like advertising analytics. They were also suspected to be responsible for the Yispecter malware that affects iOS.
Most managed service providers in Darwin would already know how hummingbad works; it institutes a persistent rootkit on an infected Android device, generates revenue through fraudulent advertisements, and opens up the device to further exploitation by installing other fraudulent applications. Check Point said that hummingbad was first considered as a more of a nuisance but now that it is capable of installing rootkits onto devices, it can lead to severe damages and security breaches. It can install other malware that can capture credentials, bypass email encryption, and install keyloggers that can all lead to serious business security threats and losses for enterprises, especially ones that do not have the support of managed service providers in Darwin.
Businesses and their managed service providers in Darwin should warn employees that hummingbad usually infects Android devices via side loaded infected applications. It can also present itself as an update for the operating system, making it much more harder for managed service providers in Darwin to detect. It also starts up a silent vector attack in the background which greatly impacts the data usage of the infected device. A typical wipe and reset will not be able to resolve hummingbad issues so your managed service providers in Darwin will have to re-flash the infected Android devices.
It brings much dismay to managed service providers in Darwin that malwares are being created much faster than they can be fixed and patched. Just like hummingbad, malwares called Androis_Libskin, Hummer, Shedun, right_core, and many others work similarly as adware rootkits. The malware comes from infected side loaded seemingly harmless and legitimate applications like Twitter, Facebook, WhatsApp and others. These malwares have also been detected in various apps like NYTimes, GoogleNow, SnapChat, and Candy Crush. These malwares have reportedly infected more than 20,000 apps and the number increases each day!
The applications were altered by cyber attackers so people think it is safe to install the apps since it uses legitimate certificates and can be seen in third party application stores that are very popular in Asia, especially in countries were Google Play is not accessible. Managed services providers in Darwin should warn their clients to not download and install apps from third party app stores, they can even go as far as to block such sites from your business network.
Google has reportedly patched a count of 270 vulnerabilities within the past six months, and 108 more this July. A high 60% ratio of the patches were in relation to vendor-specific peripherals from MediaTek, Qualcomm, and NVIDIA, which affected almost everything from display, graphics, camera, power, sound, and even Wi-Fi.
