Kemoge is the Newest Mobile Malware that Can Take Over Your Android

[dgstorm]

Android is under attack again. This time the malicious code is called Kemoge, and it can actually take over your smartphone. Here's a quote with a few more details,

Following a previous discovery, FireEye Labs mobile researchers discovered another malicious adware family quickly spreading worldwide that allows for complete takeover of a user’s Android device. This attack might also originate from China.

The malicious code was named this way due to its command and control (CnC) domain. Here's the advice given by the security researchers at FireEye in order to avoid getting infected:

• Never click on suspicious links from emails/SMS/websites/advertisements.
• Don’t install apps outside the official app store.
• Keep Android devices updated to avoid being rooted by public known bugs. (Upgrading to the latest version of OS will provide some security, but it does not guarantee that you will remain protected.)

Source: Kemoge: Another Mobile Malicious Adware Infecting Over 20 Countries « Threat Research

Thanks for the tip, @CJM!

 

[SquireSCA]

Hmmm... Suddenly Apple's approach to things isn't looking quite as bad... hehe

 

[Ollie]

Hmmm... Suddenly Apple's approach to things isn't looking quite as bad... hehe

That's what they want you to believe. Stay out of shady app stores and you will never have an issue. All of these malware stories have a common denominator...sideloading.

 

[Mustang02]

Are you telling me I shouldn't of installed that app from the Nigerian prince? He said I had millions coming to me.....

 

[SquireSCA]

Yeah, except that a lot of these huge exploits in the past several months haven't been about side loading apps. Some were from receiving a text message or visiting ab infected website, another embeds the malicious code in audio files, etc...

 

[Ollie]

Yeah, except that a lot of these huge exploits in the past several months haven't been about side loading apps. Some were from receiving a text message or visiting ab infected website, another embeds the malicious code in audio files, etc...

That was the Stagefright exploit. Which no one was able to confirm that it had actually been used.

Apple just had their grand introduction to malware in their official appstore last week. It was over in China.

Very rarely does Google have to purge their official appstore of any malware. It's always in a country that doesn't support Google Play and the users there have to use a third party app hub.

 

[Sajo]

That was the Stagefright exploit. Which no one was able to confirm that it had actually been used.

^^^ +1