A global conglomerate had 75 percent of its mobile devices infected by a variant of the Cerberus Android banking trojan after an attack compromised the company's mobile device management (MDM) server and used it to spread the malware.
In a company blog post report, Check Point Software Technologies identifies MDM as a fairly novel malware distribution attack vector, noting that it's the "first time we have a reported incident" of this nature, whereby an MDM solution is abused to push out malware to devices.
For the record, instances of MDM abuse have -- at least on a limited basis --been reported previously, as demonstrated here. Nevertheless, with businesses leaning heavily on mobile devices and MDM solutions during the COVID-19 crisis, the threat of potentially seeing a string of copycat attacks in the future is likely much greater than before.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.