Wouldn’t the world be better if bad actors left regular people alone so we could make phone calls, send texts, email friends and families, all without worrying that our most personal information is being captured and sold or used in unethical ways? Yes it would but unfortunately, that is not the case. There is simply too great a reward for being a bad actor.
Most recently, The Hacker News reported that a new piece of Android malware had been discovered “in the wild” masquerading as an anti-virus program called Naver Defender. Victims of this malware downloaded the software to prevent viruses on their Android devices only to introduce the very thing they wanted to avoid.
In the anti-hacking community, this malware has been named KevDroid and falls into the category of a remote administration tool, or perhaps more aptly known by its acronym, RAT. A piece of RAT malware allows the bad actors to remotely access and control devices, Android in this case, without the knowledge of the user. They can steal sensitive data and in record telephone calls.
Even though this particular piece of malware has not been linked to any hacking or state-sponsored operation by researchers, South Korean media have stated it is from a North Korean group called Group123.
What is this malware capable of doing if it gets on an Android device? The following list was presented in the article and it is pretty chilling.
- record phone calls and audio
- steal web history and files
- gain root access
- steal call logs, SMS, and emails
- collect a device’s location every 10 seconds
- collect a list of installed applications
Just as chilling are the potential uses to which such data could be put which range from identity theft, to blackmail, to corporate espionage.
The bottom line is that all of us have to be careful and take steps to protect our phones and devices (and therefore our information) from malicious compromise. Here are tips from the article that will help.
- Never install applications from 3rd-party stores.
- Ensure that you have already opted for Google Play Protect.
- Enable ‘verify apps’ feature in settings.
- Keep “unknown sources” disabled while not using it.
- Install anti-virus and security software from a well-known cybersecurity vendor.
- Regularly back up your phone.
- Always use an encryption application for protecting any sensitive information on your phone.
- Never open documents that you are not expecting, even if it looks like it’s from someone you know.
- Protect your devices with pin or password locks so that nobody can gain unauthorized access to your device when unattended.
- Always keep your device up-to-date with the latest security patches.
CRIP.TO is your best defense in the end-to-end encryption area. Free to use encryption apps have been proven to collect and sell personal data to pay for their operating expenses. That seems wrong in many respects but especially with an encryption product. Isn’t that why you use encryption, to protect your data from getting out? And not all of these apps provide complete end-to-end encryption.
That is why CRIP.TO is structured on a pay to use business model. When our customers pay to use our services we have no need to collect and sell personal data so they are assured of the most secure and private communications possible.
Follow the protective measures listed above and trust your encryption to the best end-to-end offering available in the market, CRIP.TO Black and Shield. When it comes to protecting your data, identity, and providing the highest level of communication security, CRIP.TO solutions are built from the ground up to give our customers the freedom to communicate fearlessly.