More than 400 apps on Google Play are infected with DressCode Malware
DressCode first came to researchers' attention in April 2016, but became widely known in September 2016. At that time, experts at Check Point found the malware in more than 40 applications in the official Google Play catalogue and reported that more than 400 applications in third-party directories were infected in total.
Recall that DressCode has functionality that is more common in ordinary trojans aimed at desktop devices. Once the victim has downloaded and installed a malicious application, a SOCKS proxy is set up on the victim's device. Researchers believe that the infected bots are mainly used to click on advertisements, generating fake traffic and bringing financial benefit to their operators.
However, analysts at Check Point warned that such a botnet could be used for other purposes, including penetrating the networks of various companies. Since the malware turns a device into a SOCKS proxy through which attackers pass traffic, attackers can use this function to penetrate the device's "home" network, including a protected network belonging to an organization.
Analysts at Trend Micro have now presented their own research on DressCode. The researchers write that the number of applications infected with DressCode continues to grow. The malware is hidden in games, skins, themes, device optimization applications and so on.
“Although the methods of infection that DressCode uses are not unique, it is very noticeable that many applications have managed to penetrate the official Google Play catalog,” Trend Micro experts say.
Indeed, Trend Micro's data looks much more depressing. Its experts found the malware in 3000 applications, more than 400 of which were available on the official Google Play. Some of them have been downloaded 100 000 – 500 000 times. Trend Micro's experts also note that DressCode poses a great danger to the internal networks of various companies:
“If an infected device is connected to a corporate network, an attacker can bypass NAT devices and attack an internal server, or download sensitive data using an infected device as a springboard. As the “Bring Your Own Device (BYOD)” programs are becoming more popular, more companies are exposing themselves to risks because their employees are not careful with mobile devices.”
Adeniyi Salau PMP, CCNA R&S, CDMP, CEP, MOS, MCP, CSCU (Project 2016), Microsoft Certified Security and Networking Associate is a Google and Beingcert Certified Digital Marketer, Project Manager and SEO Expert of repute with about a decade of Blogging and online marketing experience. He is always ready to share his experience with others.