Security News > 2020 > May > Firm's MDM Server Abused to Deliver Android Malware to 75% of Its Devices
A threat actor managed to compromise more than 75% of the devices within a company by distributing their malware through a mobile device management server, Check Point reports.
As part of the attack, cybercriminals were distributing a new variant of the Cerberus Android malware that was designed to collect large amounts of sensitive data and exfiltrate it to a remote command and control server.
This was possible because the attackers breached the target's MDM server and abused its remote app installation features to install malware.
According to Check Point, the malware performed its data stealing activities on all of the unprotected devices that were compromised, meaning that any credentials used there were stolen.
"This campaign demonstrates the importance of understanding the difference between managing and securing mobile devices. While MDM offers an easy way to manage those devices, security cannot be ignored. Mobile devices are an integral part of the way we work, how we communicate, and how our businesses operate. They need to be protected as any other endpoint as they offer a tempting target," Check Point concludes.
News URL
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- DragonRank Exploits IIS Servers with BadIIS Malware for SEO Fraud and Gambling Redirects (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Vo1d malware botnet grows to 1.6 million Android TVs worldwide (source)