Goldoson Android malware has infiltrated the official Google Play Store through 60 legitimate apps, researchers have found. These apps have more than 100 million installs on the Play Store.
After Goldoson performs malicious actions on the device, downloads and launches the app, the malware library registers the app and receives its configuration from a remote server with an obfuscated domain.
The malware runs on the device, including ad clicks, data harvesting, harvesting the MAC addresses of Bluetooth and Wi-Fi devices, and tracking user location. Clicking on fraudulent links without the user's knowledge.
Although Android 11 and later versions do not protect against data theft, Goldoson can collect sensitive data from devices running these advanced versions in 10 percent of infected apps, the researchers said.
Android devices are often used in daily work and life. If the device is invaded, our personal privacy data, business secrets, or even state secrets may pose a great security risk. Therefore, we must take necessary measures as soon as possible, especially key institutions need to take precautions in advance to avoid data security incidents. The summary has the following aspects:
1. Encrypt sensitive and confidential data. Even if various forms of data leakage occur, the data can be protected from illegal access and data leakage can be effectively prevented.
2. To manage and control data, carry out hierarchical and decentralized management of data, and encrypt and store data after classification. Different employee levels have different access rights. Ordinary employees cannot access sensitive data by leapfrogging, and different departments cannot view data across departments. Risk of core data leakage by insiders.
3. Secret-related institutions such as finance, government and enterprises can deploy data leakage prevention systems, which can effectively prevent unintentional or malicious data leakage by insiders.
4. Prevent the use of mobile phones, cameras or third-party software to take pictures and screenshots to leak internal data in the form of pictures.
Key enterprises and secret-related organizations should cooperate with professional data security organizations, use effective technical means, and take into account commercial operations while strengthening access control to sensitive information, and perform high-intensity encryption processing on stored and transmitted data , to ensure the security of data use in all aspects.