April 2, 2013
The spread of malware is greater than it ever has been, and security researchers continue to emphasize that better email protection is needed to protect against today’s complex threats. IDG News Service recently reported that a targeted email attack targeting political and human rights activists spread an Android Trojan app which was designed to steal information. Experts said this attack, which was launched in late March, compromised a high-profile Tibetan activist.
IDG said hackers compromised the email account to send specifically crafted messages with an Android application package file to everyone in the victim's contact list, as it likely included many other activists of the same variety. The message of the email was about the World Uyghur Congress and contained an app called "conference". The message was used as the delivery mechanism for the malicious app, which ran in the background and carried out an attack to steal messages, geo-location data and contact information.
"In this case, the attackers hacked a Tibetan activist's account and used it to attack Uyghur activists," researchers wrote on Securelist.com "It indicates perhaps an interesting trend which is exploiting the trust relationships between the two communities. This technique reminds us of a combination between age old war strategies 'Divide et impera' and 'By way of deception.' Until now, we haven't seen targeted attacks against mobile phones in the wild, although we've seen indications that these were in development."
The use of zero-day attacks and other vulnerabilities to compromise Android devices is still showing a trend of growth as we look to the future. Users of these devices can protect themselves from malware being delivered via email by filtering their mail with an email protection solution, which can protect both inbound and outbound messages.