EXECUTIVE SUMMARY:

New dropper malware, dubbed Clast82, recently started spreading via nine different malicious apps on the Google Play Store. The dropper evaded Google’s security detection software. Once cyber security researchers reported the issue, Google worked to quickly remove the malicious apps from the Google Play Store.

So, why is this still a concern?

“What we’ve really seen in the last several months is…[that] a trusted site or a trusted location is being used to deliver the malware,” says Mark Ostrowski, Head of Engineering, US East, for Check Point Software. This makes malicious programs tough to find and tough to fight. It also makes it tough to rebuild trust once the danger has passed. In the wake of this dropper campaign, for example, some users may no longer trust the Google Play Store.

In certain contexts, when people download something as simple as a QR code, hackers can gain complete control over a phone’s operations. Hackers may start spying on a person’s activities, access financial accounts, or simply click around. Once the malware has been removed and normalcy is restored, a person’s sense of trust, privacy and online safety may still be lost.

To keep your phone secure:

  • Ensure that you use two-factor authentication for banking apps.
  • Consider investing in supplementary security that can distinguish malicious traffic from expected traffic on a phone.
  • Beware of the apps that you download. Never download apps from unknown websites.
  • Understand what you’re downloading and why you’re downloading it. Did your new favorite flashlight app say that it also needs access to your microphone or GPS location?
  • If you’re searching for comprehensive malware protection on behalf of your mobile workforce, consider Check Point’s Harmony Mobile. This security product delivers complete protection. It’s simple to deploy, easy to manage and simple to scale. Ditch dropper malware.

Common dropper malware types:

[Image: Common droppers]

For more on protecting your mobile device from malware, including dropper malware, visit Fox 32 Chicago.