Threat Category: Malicious or privacy-invasive application
ID: APP-39
Threat Description: DDoS attacks are generally more effective the more systems an attacker controls. Many DDoS attack techniques require each participant to generate only a small amount of network traffic, such as a spoofed DNS query used in a reflection attack, so that traffic can easily be generated from a mobile device. Given the high volume of these devices, the ability of an attacker to compromise a large number in a short time with trojan apps, and their potential to launch attacks from multiple networks (e.g., Wi-Fi and cellular connections), they are likely intermediary targets in DDoS campaigns.
Threat Origin
Not Applicable, See Exploit or CVE Examples
Exploit Examples
Android.Tascudap [1]
CVE Examples
Possible Countermeasures
To reduce the risk of installing apps with trojan functionality, only download apps from official app stores.
Use malware detection apps that identify malware by anomalous network activity.
Enterprise
Use malware detection apps that identify malware by anomalous network activity.
References
[1] T. Katsuki, “Android.Tascudap”, Symantec; www.symantec.com/security_response/writeup.jsp?docid=2012-121312-4547-99 [accessed 01/05/2017]