Hold on to your hats for this shocker: Companies are staffed with actual humans who have their own interests, habits, and quirks. Some can\u2019t work without music, others compulsively check to see if their ships are back with loot in a slow-paced online game. And these days, indulging their humanity at the workplace is easier than ever. Just about everyone has a smartphone, and app stores are packed with entertainment apps to suit every taste.<\/p>\n
Corporate phones are for work #protectmybiz<\/p>Tweet<\/a><\/blockquote>\n
Employers approach this issue in different ways. Some companies take a hard line, with policies enforcing the ideal that the workplace is for work alone; and they prohibit any irrelevant activities during work hours, enforcing with the threat of termination. Some more broadminded bosses take the view that a few minutes of freedom increases motivation and productivity.<\/p>\n
Both of these approaches have merit. What no company should stand for, however, is unauthorized apps installed on corporate phones used to access sensitive working data. Even a mundane contact list of your coworkers may be of interest to cybercriminals.<\/p>\n
What if a user installs apps from official sources only \u2014 surely nothing bad will happen, right? That\u2019s wishful thinking, unfortunately. Of course, Google keeps track of what is distributed through its official store, but criminals regularly find ways to circumvent its control mechanisms. Here\u2019s just one of their tricks: An app starts out working exactly as stated, with no malicious functionality, and continues that way through several updates. Only later do the criminal developers add some illicit code, which proceeds to steal data or take other malicious action. And even if the perpetrators are caught, they won\u2019t stop for long. The same trick can be performed multiple times; all they have to do is to alter the app\u2019s name.<\/p>\n
For example, about a year ago, we published an article on Securelist about the VK Music app<\/a>, used to listen to music uploaded by users of Russian social networking site VKontakte. It also stole users\u2019 passwords to this social network. Of course, we quickly notified Google, and the app was removed from Google Play. But even a year later, our experts still register attempts to spread new versions of this app under an array of new names via Google Play; and of course, the password-stealing payload is still there. According to our stats, there have been no fewer than 7,000 installation attempts of just one version.<\/p>\n
Mobile malware writers use a nasty trick to circumvent security controls in Google Play.\u00a0#security<\/p>Tweet<\/a><\/blockquote>\n
Why should you care about the passwords of some foreign social network? That\u2019s a fair question. Consider this: Password reuse is rampant, and therefore, a social network password can open the door to corporate services. Another thing: False posts appearing to be from employees can amount to a serious risk to a company\u2019s reputation.<\/p>\n
Okay, let\u2019s try something a little closer to home. Do you have any Pok\u00e9mon aficionados in your company?<\/p>\n
Our experts recently discovered<\/a> an app called Guide for Pok\u00e9mon Go distributed via Google Play. It looks like a single app created to help players of the much-hyped gaming title. But a little while after it\u2019s installed, the app roots the device. Rooting makes the malware capable of installing and deleting additional apps.<\/p>\n
As far as we know, the malicious app was downloaded at least 500,000 times before we busted it, and on at least 6,000 occasions it was successfully installed. The peril for a corporate device is obvious here, don\u2019t you think? If anything can be installed on a rooted smartphone, the possible consequences are endless: the perpetrators may access corporate e-mail, calendar, contact lists, or data in other working apps.<\/p>\n
That\u2019s why we strongly recommend protecting all devices \u2014 whether corporate-issued or employee-provided (aka BYOD, or bring-your-own-device) \u2014 from threats such as this using specifically tailored security solutions. We offer Kaspersky Security for Mobile<\/a>, which allows an administrator to set up plain and clear security policies for employees\u2019 handheld devices. For example, the solution might prevent employees from using certain apps or even entire categories of software. (The definitions for these categories are taken from our own Kaspersky Security Network<\/a> service, not Google Play. This is an important distinction; criminals may publish their apps in different areas of the store to evade Google moderators\u2019 scrutiny.)<\/p>\n
As a result, banned apps and apps in banned categories fail to launch on employees\u2019 smartphones, and previously installed ones get blocked. Users are then advised to remove the apps.<\/p>\n
Using settings like these helps decrease the risk of losing valuable corporate and personal data through corporate mobile devices.<\/p>\n","protected":false},"excerpt":{"rendered":"
Our experts recently discovered an app called Guide for Pok\u00e9mon Go distributed via Google Play. It looks like a single app created to help players of the much-hyped gaming title. But a little while after it\u2019s installed, the app roots the device. Rooting makes the malware capable of installing and deleting additional apps.<\/p>\n","protected":false},"author":2406,"featured_media":15334,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[183,2358,2461,1703],"class_list":{"0":"post-15157","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-google-play","10":"tag-kaspersky-security-for-mobile","11":"tag-malicious-apps","12":"tag-pokemon-go"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/rooting-pokemon\/15157\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/rooting-pokemon\/4123\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/rooting-pokemon\/15157\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/rooting-pokemon\/15157\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/google-play\/","name":"Google Play"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2406"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=15157"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15157\/revisions"}],"predecessor-version":[{"id":33736,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/15157\/revisions\/33736"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15334"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=15157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=15157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=15157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}