Saturday, November 7, 2015

Phone Security

I have been seeing issues with phones recently and thought I would talk about them… You might forget that a smartphone today is much more powerful than the PC you used 10 years ago. But how do you protect them?

I have seen, over and over again, phones with anti-virus or malware protection. You would not do that on a PC, so why not protect your phone?

In the last few weeks I blogged about problems with iPhones and Android devices. But wait, there is much more to worry about…


Per Michael Bentley at the Lookout blog:

Lookout has detected over 20,000 samples of this type of trojanized adware masquerading as legitimate top applications, including Candy Crush, Facebook, GoogleNow, NYTimes, Okta, Snapchat, Twitter, WhatsApp, and many others.

Over the past year, Lookout has studied three interconnected families of adware. Lookout discovered the family Shuanet, which, like all of these families, auto-roots the device and hides in the system directory. Kemoge, or what we call ShiftyBug, recently made headlines for rooting the victim’s device and installing secondary payload apps. Another family, Shedun, also referred to as GhostPush, is yet another example of this trojanized adware. While many classify these as simple “adware,” these families are trojans.

Together, the three are responsible for over 20,000 repackaged apps, including Okta’s two-factor authentication app. We are in contact with Okta regarding this malicious repackaging of its app.

The repercussions

For individuals, getting infected with Shedun, Shuanet, and ShiftyBug might mean a trip to the store to buy a new phone. Because these pieces of adware root the device and install themselves as system applications, they become nearly impossible to remove, usually forcing victims to replace their device in order to regain normalcy.

For enterprises, having rooted devices on the network is a concern, especially if those devices were rooted by a repackaged version of a legitimate and popular enterprise app. In this rooted state, an everyday victim won’t have the proper interface to control what apps on the phone request root access. The problem here is that these apps may gain access to data they shouldn’t have access to, given their escalated privileges.


With just a quick search for “malware” on this site you can find many stories about this topic. According to internet security firm McAfee, instances of mobile malware have increased by as much as 700 percent since 2011. It’s time to set things straight once and for all. This is the truth about Android malware.

Lest you think iPhones are secure, a new malware app called YiSpecter was discovered by security company Palo Alto Networks, the same entity that first detailed the XcodeGhost hack.

YiSpecter can infiltrate any iOS device via a variety of means, posing as a genuine Apple-signed app once installed. Once on your iOS device, the app can then make itself invisible to the user by disguising itself as an actual iOS app, or hiding itself from the home screen – which means the user has no means of deleting it.

“On infected iOS devices, YiSpecter can download, install and launch arbitrary iOS apps, replace existing apps with those it downloads, hijack other apps’ execution to display advertisements, change Safari’s default search engine, bookmarks and opened pages, and upload device information to the C2 [command and control] server,” the researchers revealed.

Even if manually deleted, the malware will automatically re-appear.

Software for a phone, like Lookout for iOS or Android devices, will help protect you NOW, before you compromise your device.

Get and use AV protection for your phone.

I like Lookout, but there are other vendors that you can choose. But do nothing, and it is only a matter of time until you download something that takes over your device.