{"id":5564,"date":"2016-05-13T14:41:05","date_gmt":"2016-05-13T14:41:05","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=5564"},"modified":"2020-02-26T11:09:21","modified_gmt":"2020-02-26T16:09:21","slug":"android-under-attacks-old-vulnerabilities-present-threats","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/5564\/","title":{"rendered":"Android under attacks: old vulnerabilities, present threats"},"content":{"rendered":"<p>A five-year-old Android vulnerability disclosed <a href=\"https:\/\/threatpost.com\/five-year-old-android-flaw-exposes-sms-call-history\/117873\/\" target=\"_blank\" rel=\"noopener nofollow\">a week ago<\/a> allows a wide range of various compromising actions, including privilege escalation, stealing SMS and call logs, etc. In the case of a successful attack, this is a cyberspy\u2019s dream come true.<\/p>\n<p><strong>Around for years<\/strong><\/p>\n<p>The <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2016-2060\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2016-2060<\/a> was discovered by FireEye\u2019s researchers in Qualcomm software available from the Code Aurora Forum in January, <a href=\"https:\/\/threatpost.com\/five-year-old-android-flaw-exposes-sms-call-history\/117873\/\" target=\"_blank\" rel=\"noopener nofollow\">Threatpost wrote<\/a>. And while Qualcomm has patched the affected software and pushed fixes to OEMs back in March, the vulnerable APIs were found in a 2011 git repository, which means the code has been around for a good five years and is most likely present in countless devices with various Android versions, including those no longer supported (but still in use).<\/p>\n<blockquote class=\"twitter-pullquote\"><p>#Android under attacks: old vulnerabilities, present threats<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FLTx9&amp;text=%23Android+under+attacks%3A+old+vulnerabilities%2C+present+threats\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Android\u2019s security problems emerge on a regular basis, despite Google\u2019s many attempts to bring its security to the appropriate level. Developers push new and more secure versions forward, but actual adoption of those secure versions lags behind heavily. <a href=\"https:\/\/en.wikipedia.org\/wiki\/Android_(operating_system)#Platform_usage\" target=\"_blank\" rel=\"noopener nofollow\">As of May 2016<\/a>, the dominant Android version is 4.x, accounting for over 54% of devices in circulation. Lollipop\u2019s versions 5.0.x (2014) and 5.1.x (early 2015) together add up to 35.6%, while the latest Marshmallow edition (version 6.0.x), launched in October 2015, has 7.5% adoption rate. And 2.2% of devices in circulation are still running Gingerbread (2011).<\/p>\n<p>Versions up to 5.0 are reportedly affected by the aforementioned vulnerability. Older devices are at the greatest risk; newer devices running Android with SE Android, the OS\u2019 implementation of Security Enhanced Linux, are at a lesser risk, Threatpost said.<\/p>\n<p><strong>A firework of news<\/strong><\/p>\n<p>As said before, new Android security issues get publicized rather often, but late April was especially \u201crich\u201d with news related to bugs, attacks, and Android-targeting malware.<\/p>\n<p><a href=\"https:\/\/threatpost.com\/android-ransomware-attacks-using-towelroot-hacking-team-exploits\/117655\/\" target=\"_blank\" rel=\"noopener nofollow\">Android ransomware hitting Android 4.x was disclosed<\/a>, soon followed by the news of a <a href=\"https:\/\/threatpost.com\/phony-google-update-spreads-data-stealing-android-malware\/117742\/\" target=\"_blank\" rel=\"noopener nofollow\">phony Google update spreading data-stealing malware<\/a>, as well as a report of <a href=\"https:\/\/threatpost.com\/scourge-of-android-overlay-malware-on-rise\/117720\/\" target=\"_blank\" rel=\"noopener nofollow\">a sheer rise of Android overlay malware<\/a>. All of these threats predominantly target the Android 4.x-based devices \u2013 i.e. the most-used, yet under-secured, portion.<\/p>\n<p><strong>Containing the\u00a0potential threat<\/strong><\/p>\n<p>Unfortunately, it\u2019s clear that Android 4.x-based devices\u00a0used within a corporate network\u00a0are a potential threat that IT staff has to keep\u00a0in check. It is unfeasible to complete this task manually, even if the company isn\u2019t very large, so special automated mobile security suites are required. Aside from the compulsory protection from mobile malware, such\u00a0security solutions are necessary to block out phishing attempts: the undesired\/unauthorized apps wouldn\u2019t start, at least while the smartphone is within the corporate network, and personal and corporate data wouldn\u2019t mix on the employees\u2019 mobile devices. Anti-theft tools are also highly recommended.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Android 4.x is the most prevalent, and most targeted, system today. #mobilesecurity<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FLTx9&amp;text=Android+4.x+is+the+most+prevalent%2C+and+most+targeted%2C+system+today.+%23mobilesecurity\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Kaspersky Lab\u2019s\u00a0<strong>Endpoint Security for Business <\/strong>(<strong>Select<\/strong> and <strong>Advanced<\/strong> editions) features a robust and mature complex of tools to ensure the security of mobile devices used within a business network. Aside from protecting the devices from malware and phishing, it allows for the detection of rooting and jailbreaking incidents (devices are then blocked out),\u00a0supports\u00a0common MDM platforms, and features a number of tools to remotely retrieve or wipe sensitive data if the device is lost or stolen and is impossible to locate.<\/p>\n<p>For more information on the offered functions, check out the <a href=\"https:\/\/www.kaspersky.com\/business-security\/small-to-medium-business\" target=\"_blank\" rel=\"noopener nofollow\">Business Security<\/a>\u00a0section on Kaspersky Lab\u2019s official site.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The late April was especially &#8220;rich&#8221; with news related to bugs, attacks and Android-targeting malware.<\/p>\n","protected":false},"author":209,"featured_media":15354,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[105,218,268],"class_list":{"0":"post-5564","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-android","10":"tag-mobile-security","11":"tag-vulnerabilities"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/5564\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/15043\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/6325\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/5564\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/android-under-attacks-old-vulnerabilities-present-threats\/5564\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5564","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=5564"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5564\/revisions"}],"predecessor-version":[{"id":33693,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5564\/revisions\/33693"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15354"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=5564"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=5564"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=5564"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}