ESET warns Android users to beware of fake QuadRooter patch apps

18 Aug 16

ESET is warning Android users to watch out for fake patch apps, which are possibly the first of their kind to take advantage of the newly-discovered QuadRooter vulnerability.

The two fake patch apps in question are "Fix Patch QuadRooter" apps by Kiwiapps Ltd, one of which cost 0.99 EUR (AU$1.40 or NZ$1.50). They do not patch anything but instead distribute adware.

“In the past, we have seen this technique used to target users through the Windows platform. For example, some e-criminals would trick online stores into installing a fake security patch for a critical vulnerability in the Magento ecommerce platform. This technique would allow hackers to easily access the admin credentials for vulnerable e-stores. One of those attacks relied on a fake patch to deliver malware which then used the very bug that it was supposed to be fixing,” says Nick FitzGerald, senior research fellow at ESET.

ESET states that malicious apps often come alongside free versions, tutorials and cheat apps, meaning security is more important than ever. Fake patch apps may increasingly be used to target unsuspecting victims who are not as careful about mobile security as they could be. The company says that no vulnerabilities can be patched through an app, and any that claim to do so are scams.

FitzGerald provides some tips to help stop you becoming a victim.

“Unfortunately, patching with Android isn’t as easy and straightforward as some would imagine. It’s important to understand that malware like QuadRooter needs to be delivered in the form of an app. Unless “Unknown Sources” is enabled in your settings and you manually install an app from an untrusted source, this isn’t a threat. Here are some best practices for downloading apps and addressing the need for patch updates:

  • Make sure you have the Android “Verify Apps” feature enabled (if not automatically enabled from Android version 4.2 Jelly Bean)
  • Watch for the official patches prepared by Android developers themselves, depending on your device’s manufacturer
  • Never install non-official apps or download from a non-official store, and avoid clicking weird-looking links received by email or text
  • Choose the right security protection, specifically tailored for mobile use
  • Remember that if an app promises to fix something in your system, it is most likely a scam.”