news
Hackers push malicious, fake Coronavirus apps
to take over Android
heck Point Research
C
has identified malicious
applications, masquerading
as innocuous Coronavirus apps,
that are designed to take control of
Android devices. Once the malicious
application is installed, a hacker
takes intrusive control of the device
Hackers are working hard during
the Coronavirus pandemic
via a remote shell, accessing a person’s
calls, SMS, calendar, files, contacts,
microphone and camera, in addition to
write, add and send privileges.
The malicious applications were not
found on Google Play Store, but were
discovered in new Coronavirus-related
domains, which researchers believe
were created specifically for the
intention of deceiving the masses
by leveraging the fear circling
Coronavirus. Most frightening
is the speed and ease of which
these device takeover apps can be
created, and who can create it.
Check Point researchers traced the
origins of the malicious applications.
The applications were crafted via
Metasploit, a free-penetration testing
framework that makes hacking
simple. Using Metasploit, anyone
with basic computer knowledge
can craft the same malicious
applications in just 15 minutes. It’s
as simple as: point Metasploit at
your target, pick an exploit, choose
a payload to drop and hit Enter. In
this case, the Metasploit crafted
apps were targeting everyday
people searching for Coronavirusrelated
content.
MORO HUB IMPROVES SECURITY
COMMITMENT FOR ITS CSP OFFERING
oro Hub (Data Hub Integrated
M
Solutions LLC), a wholly-owned
subsidiary of Dubai Electricity
and Water Authority (DEWA), has
announced it is now a Dubai Electronic
Security Center (DESC) certified Cloud
Service Provider (CSP) in the UAE.
DESC has developed a CSP Security
Standard, which outlines requirements
and guidelines for CSPs and those
organisations consuming any
cloud services. The CSP Security
Standard mandates CSPs to comply
with international best practices for
cloud services. It is based on global
information security standards such
as ISO/IEC 27001:2013; ISO/IEC
27002:2013; ISO/IEC 27017:2015;
ISR:2017 v.02 and CSA Cloud Control
Matrix 3.0.1.
As part of the extensive DESC
certification process, Moro Hub has
implemented the Information Security
Management System, complying with all
international standards for CSPs. These
controls were then verified through a
comprehensive auditing process by an
external certification body appointed by
DESC. Ensuring compliance with the
CSP Security Standard is a mandatory
requirement for CSPs looking to offer
cloud services for government and
semi-government entities in Dubai.
Mohammad Bin Sulaiman, CEO of
Moro Hub, said: “The certification
demonstrates Moro Hub’s commitment
to providing secure cloud computing
platform and services to our customers.
As a DESC certified CSP, our customers
know that we have gone through a
detailed process to ensure all their cloud
service requirements are being met
as per superior global standards and
best practices. The certification further
strengthens Moro Hub’s position as
customers’ preferred partner for their
end-to-end cloud service demands.” u
Mohammad Bin Sulaiman, CEO of Moro Hub
www.intelligentciso.com | Issue 25
13