Android Threats

ZoneAlarm® is constantly updating its data base to detect the newly android vulnerabilities and mobile threats.
These are the latest Android threats that ZoneAlarm® MOBILE SECURITY app detects:

QuadRoot

What is QuadRoot?

QuadRoot is a new vulnerability affecting devices built using Qualcomm’s mobile chipsets. Hackers can use the vulnerability to gain full control on your Android operating system and personal information.

There are four QuadRoot vulnerabilities:

What can you do about QuadRoot vulnerability?

The only way to fix your device is to update your operating system. Contact your phone manufacturer or network to send you a new system update.

HummingBad

What is HummingBad?

HummingBad is a malware that generates fraudulent ad revenue, and installs on your Android more fraudulent apps.
The virus was developed by a Chinese advertising company, Yingmob, and infected over 10M Android devices worldwide.

The malware has root access to your smartphone, so the hackers can do whatever they want, such as spying on your personal information to stealing your bank details.

Many people root their own phones in order to have better control on the behavior of their Android device. But when a rooting is done without the knowledge and consent of the phone’s owner it’s consider as a hostile attack.

What can you do about HummingBad?

Install ZoneAlarm® Mobile Securitythat will detect if your phone was infected by the HummingBad malware.

How you should remove it depends on how you were infected. If you installed a Yingmob app and agreed to update the software – you can simply re-set your phone and start from scratch.

To make sure that it was completely removed, do a factory reset, then change your Google password from a PC, so it will ask for new credential when you log in through your smartphone. Be careful about installing apps that are from trusted stores.

But if the HummingBad got root access to your smartphone, a factory reset won’t be enough. You must contact your mobile operator and ask them to flash a new ROM on your phone.

How can you avoid HummingBad in the future?

Don’t click on untrusted links, download only from trusted source.
Activate ZoneAlarm® Mobile Security that will detect any suspicious app activity and don’t forget to backup your data.

Certifi-Gate

What is Certifi-Gate?

Certifi-Gate is a vulnerability that allows hackers to take full control of your Android device, and steal all your personal data.

Certifi-Gate attacks happen through mobile remote support tools which are often pre-installed on your device. These apps have root level access and hackers target the vulnerabilities in authorization methods between the apps and the operation system.
The attacker will take complete control by exploiting app security certificates to gain privileged access right, and the main problem is that Android can’t revoke these certificates.

What can you do about Certifi-Gate vulnerability?

If your device was infected, and a malicious app is exploiting the Certifi-Gate vulnerability do the following:

  1. Uninstall the risky app
  2. Contact your device manufacturer to fix this vulnerability and update your operating system.

How can you avoid Certifi-Gate in the future?

Be careful when you download mobile remote support tools, always use a trusted source.
Run ZoneAlarm® Mobile Security in the background and have a backup of your data.