Mobile Security – Still the Frontier
We talk, often, with our clients about security and data and what we are doing as an organisation to ensure that it stays secure and within the control of our clients. So when we see this sort of report coming out of the Android community – SMS Stealing Library found in 18,000 Android Applications – we take a breath and sit down to contemplate the implications.
So to start, this has nothing to do with anything we do, or could even do if we tried.
This has do do with, roughly, 18,000 Android applications built using the Taomike SDK, one of the largest mobile advertisement solution platforms in China, that have been found to include SMS theft functionality.
The Taomike SDK, which helps developers display advertisements in their mobile apps, has been used in over 63,000 Android apps, but only around 18,000 of them have been observed to exhibit the message stealing functionality, according to Palo Alto Networks, which made the discovery.
The security firm also notes that these applications have been grabbing copies of all messages sent to infected devices since August 1.
Have a look at the detail of the breach here.
In our minds it confirms two things:
1. The end-user remains a MUCH greater threat to their own security than anything we do.
2. The apps that ends-users download, are a much greater threat to OUR ORGANISATION’s security, than we are probably giving credit to.
Food for thought.