Security News > 2020 > May > Firm's MDM Server Abused to Deliver Android Malware to 75% of Its Devices

A threat actor managed to compromise more than 75% of the devices within a company by distributing their malware through a mobile device management server, Check Point reports.

As part of the attack, cybercriminals were distributing a new variant of the Cerberus Android malware that was designed to collect large amounts of sensitive data and exfiltrate it to a remote command and control server.

This was possible because the attackers breached the target's MDM server and abused its remote app installation features to install malware.

According to Check Point, the malware performed its data stealing activities on all of the unprotected devices that were compromised, meaning that any credentials used there were stolen.

"This campaign demonstrates the importance of understanding the difference between managing and securing mobile devices. While MDM offers an easy way to manage those devices, security cannot be ignored. Mobile devices are an integral part of the way we work, how we communicate, and how our businesses operate. They need to be protected as any other endpoint as they offer a tempting target," Check Point concludes.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/1I_1koB1TEM/firms-mdm-server-abused-deliver-android-malware-75-its-devices