Smartphones and tablet computers are no longer indispensable from the corporate life. Now, they don´t serve for communication purposes only but are often used for the processing of business related documents and even for access to sensitive corporate resources. This evolution demonstrates that mobile devices will be the future within every organization.
In 2014 our Mobile-Sandbox analyzed over 100,000 Android applications that were submitted by mostly anonymous users, Anti-Virus-Companies and by our own. In the same time we updated our system several times with new features and we modified the backend and the analyzing extensions. These updates unfortunately resulted in some downtimes and a clean database and we are still working to get all the data back in the system and to get everything running again. Most of these malicious applications had been downloaded from Third-Party markets, but we also found some malware families with samples that had originally been downloaded from Google-Play. When looking at the malicious and unwanted applications and the corresponding families, one can see the following distribution of malicious behavior:
After nearly a year I found some time today to update the mobile malware overviews for iOS and Android. I hope that I did catch everything that came up in the meantime, if not, please let me know which malware family is missing in the overviews.
Android for Work has been announced by Google only some days ago and Google promises a secure but also usable way to combine sensitive company data and private data on a single device without increasing the risk of unintended leakage of company data. "... Android for Work on supported Lollipop devices offers a dedicated Work Profile with security, management and application support built-in. ... Android for Work creates a secure Work Profile to isolate and protect data and manage the flow of work information. ..." (Android for Work website) Today, we took a brief look at Android for Work to see how secure it really is and if it is a real alternative to the container solutions of AirWatch, MobileIron, Good, etc.
Our MobileSandbox paper from SAC2013 got an update. It has been accepted as an journal article for the upcoming edition of the International Journal of Information Security.