A new cybersecurity threat is up in the wild: RedDrop can steal data, record audio, and your SMS RedDrop is new malicious software that infects Android applications, is has dangerous capabilities that can quickly pass almost every basic Android cybersecurity solution.
Researchers found RedDrop hidden in 53 working Android applications like image editors, calculators, language learning apps, space exploration apps, and other educational, recreational, and practical tools.
Once an infected app is opened on an Android device, it will silently download another seven Android Application Packages – APKs.
All stolen data is then uploaded to remote file storage systems that are controlled by the attackers.
RedDrop represents a cybersecurity threat to users who voluntarily download apps from third-party sources and websites. To protect them from this type of risk, individuals and companies that don’t have implemented a secure cybersecurity solution like an antivirus should disable downloads from third-party app stores. Another firm decision would be, depending on which OS does system use, to invest in an antivirus for Windows or antivirus for Mac.
After making a malware analysis, our cybersecurity team released a report that shows an increase in the volume of mobile ransomware, banking Trojans, and other malware over the past year.
The things don’t stop here, and unsurprisingly cybercriminals become better and better at uploading malware or adware on Google’s Play store, and Apple’s App Store. Any cybersecurity solution cannot eliminate this kind of cyber threats downloaded from official stores. They can only be removed from the markets and deleted from infected devices once they are discovered.
“Android has an above-average amount of known security vulnerabilities, and hackers know this.”
We recommend companies that allow employees to use their own Android devices, to add specific and clear guidelines about what work-related activities are allowed on their phones and what security measures need to be in place, because if not any company can be affected by an infected device own by an employee. Cybersecurity administrators need to instruct employees not to change the allow apps from unknown sources setting to any, and they need to install a cybersecurity solution on every device that connects to the internal company network.
If you are a company, we recommend contracting a cybersecurity company to do regular cybersecurity checks like penetration testing and ethical hacking test; to your company’s network to highlight potential flaws that could lead to devastating cyber attacks.