Security News > 2020 > May > Firm's MDM Server Abused to Deliver Android Malware to 75% of Its Devices
A threat actor managed to compromise more than 75% of the devices within a company by distributing their malware through a mobile device management server, Check Point reports.
As part of the attack, cybercriminals were distributing a new variant of the Cerberus Android malware that was designed to collect large amounts of sensitive data and exfiltrate it to a remote command and control server.
This was possible because the attackers breached the target's MDM server and abused its remote app installation features to install malware.
According to Check Point, the malware performed its data stealing activities on all of the unprotected devices that were compromised, meaning that any credentials used there were stolen.
"This campaign demonstrates the importance of understanding the difference between managing and securing mobile devices. While MDM offers an easy way to manage those devices, security cannot be ignored. Mobile devices are an integral part of the way we work, how we communicate, and how our businesses operate. They need to be protected as any other endpoint as they offer a tempting target," Check Point concludes.
News URL
Related news
- New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking (source)
- TrickMo malware steals Android PINs using fake lock screen (source)
- Perfctl malware strikes again as crypto-crooks target Docker Remote API servers (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)