ECO-21 · Mobile Threat Catalogue

Mobile Threat Catalogue

Use of links or NFC tags, QR codes, or other distribution channels (e.g., sms, email) to point to malicious apps

Contribute

Threat Category: Mobile Application Store

ID: ECO-21

Threat Description:

Threat Origin

How to Protect Yourself From Malicious QR Codes 1

Exploit Examples

Find and Call app becomes first trojan to appear on iOS App Store 2

An investigation of Chrysaor Malware on Android [^AndroidWebBlog-1]

CVE Examples

Not Applicable

Possible Countermeasures

Enterprise

To prevent the installation of malicious applications, prohibit sideloading of apps and the use of unauthorized app stores

To decrease the time to detection, use app threat intelligence data to identify malicious applications installed on devices.

Use features such as Apple iOS Managed Apps, Android for Work, or Samsung KNOX Workspace that provide additional separation between personal apps and enterprise apps to mitigate the impact of malicious behaviors.

Educate users about the risks of activating links in emails or SMS messages, and instead encourage users to identify the app where hosted by an official app store.

References

  1. A. O’Donnell, “How to Protect Yourself From Malicious QR Codes”, blog, http://netsecurity.about.com/od/securityadvisorie1/a/How-To-Protect-Yourself-From-Malicious-QR-Codes.htm [accessed 8/25/16] 

  2. J. Cheng, “‘Find and Call’ app becomes first trojan to appear on iOS App Store,” Ars Technica, 5 July 2012; http://arstechnica.com/apple/2012/07/find-and-call-app-becomes-first-trojan-to-appear-on-ios-app-store/