DHS cites threats from out-of-date Android OS versions
The Homeland Security Department and FBI have warned police, fire departments and security personnel that Android users running out-of-date operating systems on their devices pose a significant security threat to their organizations, NetworkWorld reported.
In the July memo, which was “for official use only” and therefore not widely circulated, DHS said “industry reporting” showed that 44 percent of Android users were “still using versions 2.3.3. through 2.3.7 of the OS – known as “Gingerbread” – which were released in 2011 and carried a number of security flaws that were repaired in subsequent versions.
“The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile OS[es] patched and up-to-date,” the notice said.
DHS cited three threats to those carrying devices with obsolete Android OSes and outlined a mediation tactic:
Text message Trojans account for about half of the malware on older Android devices, DHS said. A common exploit sends texts to premium rate phone numbers owned by criminals and results in high charges to the user. Security suites are now available to knock out the threat, according to the memo.
This is hidden malware that logs a user’s locations, keystrokes or passwords without the user’s knowledge. DHS recommended installing the Carrier IQ test free app that can find and remove the malware.
Fake Google Play domains
Users should install and update antivirus software to knock out these exploits, which trap users into installing apps that let hackers get at financial data and log-in credentials, DHS warned.
Posted by GCN Staff on Nov 06, 2013 at 11:23 AM