Every quarter Sophos announces the SPAMPIONSHIP league highlighting the worst offending countries for spam. As we approach Halloween, the Q3 (July-August-September) results for 2014 are in. The Spampionship is a clear reminder that while spam is a global problem, prevention begins at home. That’s because most spam comes from so-called “zombies” – computers infected by malware that puts them under the remote control of cybercrooks who could be on the other side of the world, and probably are.

For example, SophosLabs has clocked a single infected computer sending more than 5,000,000 spams in a single week, illegally promoting an ever-changing cocktail of shady products and services, and pumping out malware in attachments.

And as SophosLabs monitor where spam comes from, they are also simultaneously mapping out where in the world the zombies are. As Cybersecurity Awareness Month draws to a close, it’s time to be part of the solution, and go zombie bashing with Sophos!

Just download and run Sophos’ free Virus Removal Tool to check your computer isn’t infected, and do your bit today!

In this Sophos Naked Security article, Sophos expert Paul Ducklin provides his analysis of the latest Spampionship results.

Highlights of the Q3 2014 Spampionship

Being high on the spam-sending charts, means you’re also high on the scale of people who put their personal information, finances, and even identity at risk.

The Spampionship is the league that everyone wants to lose, and below are the results for Q3 (July, August, September) of 2014.

The “Dirty Dozen” countries 

Measuring spam entirely by volume-per-country is a little unfair, because populous countries like China, or very well-connected, like the USA, inevitably bubble up to the top of the list.

Things get fairer – and more interesting – when each country’s spam volume is divided by its approximate population:

Read the original article, here.

Back in the summer we ran a little survey on SpiceWorks and almost 400 Small and Medium Business IT managers gave us their view on the main challenges they have with their current firewall. But some of the results weren’t exactly what we were expecting.

The #1 rated issue was the lack of reporting options

35% of respondents said their firewall provides insufficient reporting and 22% also cited lack of visibility into infected machines which speaks to a lack of useful insight too. Users are hungry for bandwidth and regulatory compliance is Insufficient reporting becoming increasingly important so it’s not really surprising that IT managers crave a better view into what’s happening on their network.

What is surprising is that so few firewall vendors offer their users what they need. Compare the leading UTM/Firewall vendors and you’ll find just one who has over 1000 reports available built-into the appliance. I’ m sure you can guess who check here if you can’t!

At Sophos we prioritize reporting and in addition to the on-box reports we also offer Sophos iView our dedicated virtual reporting appliance for those that simply need more reports or want to correlate reporting across multiple appliances.

Complexity is still the enemy of security 

We all know IT threats are coNot easy to managemplex and the survey confirms that all too often the products designed to solve security problems are far too complex too.  

Ease of use only narrowly misses out on top spot with 34% saying its a frustration.

Adminstrators need a strong link between seeing what is happening and doing something about it.  This is essential  in security products where a weakness at one point on the network can quickly become a problem for the entire organization.

Advanced threats? We’re covered, at least we think we are!

Other surprising results were hreportingow few people cited lack of protection against advanced threats and poor performance as weaknesses. We hear a lot about how traditional firewall and antivirus technologies can no longer protect against sophisticated Advanced Persistent Threats. This is seemingly a non-issue for 90% of those surveyed.  

IT managers are either confident their firewalls have the necessary protection place, like command and control detection and sandboxing, or simply have more pressing needs and don’t see advanced threats as their concern but for governments and larger enterprises to worry about.

Performance matters or does it?

That performance rates so lowpoor perf is possibly the biggest surprise. Performance is often a key concern for buyers when selecting a firewall with technical data, sizing guides and comparative reports providing useful guidance for buyers to select the right firewall for their needs. This result suggests the guidance and advice of channel resellers is proving effective and buyers are right-sizing their firewalls.

All in all some interesting results that suggest reporting and ease of management should be carefully looked at when selecting a replacement firewall. But maybe this is not really that surprising after all as these areas do reflect the core focus of network security managers. Without visibility into what’s happening, or the ability to quickly put protection in place an IT Manager’s life becomes very difficult.

Sophos UTM – ease of use and on-box reporting as standard

Sophos UTM is designed to be easy to use and includes extensive on-box reporting as standard – no need for additional hardware or subscriptions. Our new SG Series appliance all include a hard drive or a solid-state disk, giving you comprehensive reporting that you can access in seconds. So you can see what’s happening on your network in real-time and quickly access historical data.

Watch this short video to see it in action. On-box reporting as standard is just one of the reasons to make your next firewall a Sophos firewall.

Read the original article, here.

Dropbox usernames and passwords were leaked online this week. It’s the latest in a string of recent data breaches involving compromises of third-party websites that take advantage of password re-use to get at users’ accounts on multiple services. In 2014 alone, millions have had their private information and passwords compromised, leading to what some are calling data breach “fatigue.” Dropbox was quick to respond, denying a breach on their end while urging their users to enable tighter password security measures. Dropbox’s response was refreshing when compared to that of other major brands, such as Home Depot, which chose to communicate very little with the public, distributing only a few carefully crafted press releases.

As businesses learn to navigate their way through crisis management in the digital age, there are solutions that can mitigate risk, greatly saving these companies both dollar value and reputation value. Sophos offers a complete suite of solutions to ensure your customers’ data is safe and secure. A major component of this is our SafeGuard Encryption solution. Simply put, encryption adds the crucial layer of security in situations where a customer’s data is breached. Even if a bad guy gets hold of a user’s data, it’s utterly useless when encrypted, whether that data is at rest or in motion (e.g, being uploaded/downloaded from the cloud).

Although this breach was not due to a compromise of Dropbox itself, are you confident that your important files are safe when stored in the public cloud? In the case of cloud storage services, of which Dropbox is one of many, encryption prevents any breach, regardless of who caused it, from resulting in the loss or exposure of data. Using an encryption solution where the keys and control mechanisms are stored far from the potential points of compromise means you can control how data is stored, and manage who has access.

Learn more about SafeGuard Encryption

Sophos SafeGuard Encryption solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent. For more information about SafeGuard Encryption, get our free whitepaper Managing BitLocker With SafeGuard Enterprise (registration required).

Or download our Encryption Buyers Guide to learn more about how to choose the best encryption solution for your needs. You can also read interesting articles about SafeGuard Encryption, here and here.  

Read the original article, here.

Sophos announced additions to its range of SG Series firewall/UTM appliances, WiFi access points, and the availability of Sophos iView, a new dedicated virtual reporting appliance. By extending its Network Security portfolio with new entry-level and enterprise class appliances, Sophos now provides businesses of any size and the channel partners that serve them with the flexibility to consolidate their security with a complete proven solution set.

Sophos SG Series Appliances 

In April 2014 Sophos released the first of its new generation of network security appliances, the Sophos SG Series. Today, Sophos announced six additional firewall appliances, meaning that Sophos customers and partners can now choose from 12 SG Series models. As with the existing models, each uses the latest Intel multi-core technology to provide optimal performance. The new appliances include four desktop models ideal for small office deployments and two new 2U models that utilize the fastest Intel Chips and deliver extensive redundancy and customization features. Further desktop models will be available later in the year with integrated wireless connectivity, including two which support the 802.11ac standard.

Sophos iView

The release of the Sophos iView virtual appliance addresses what a recent Sophos survey on Spiceworks of SMB IT managers identified as their most significant frustration with existing firewalls from any vendor – insufficient reporting. This was the number one complaint with 35 percent of respondents saying they’d like greater reporting options. With over 1,000 built-in reports, including regulatory compliance reports, Sophos iView will give IT managers the extra depth they need. Users can also build their own custom reports and dashboards, focusing on problem areas or users on their network. Available as a virtual appliance only, Sophos iView supports VMware, Hyper-V, Citrix, and KVM virtual environments.

As a dedicated reporting appliance, Sophos iView can offload reporting duties and provide a range of added capabilities such as:

• Compliance reporting for industry standard regulations such as HIPAA, PCI, SOX, and GLBA
• Consolidated reporting across multiple UTM firewalls for a complete view of all network traffic from a single console
• Long-term persistent log management and storage for security and backup with convenient access for audits or forensics
• Licensing that is based on storage requirements, with the entry level vSI-Light including 100GB of storage and the vSI-Unlimited

Wireless Access Points

In addition to the SG Series and iView appliances, Sophos also announced the AP 100, the first in a new generation of wireless access points that support the latest 802.11ac protocols, and an entry level access point, the AP 15. As with previous Sophos wireless access points, the new AP15 and AP100 models can be managed directly from the Sophos SG Series appliances, meaning the wireless network is tightly integrated with the firewall protection.

You can read the original article here.

Sophos announced that it has acquired cloud-based security firm Mojave Networks of San Mateo, Calif. This acquisition will strengthen Sophos cloud-managed and appliance-based security solutions. To Sophos Cloud, an integrated cloud-managed security offering, Mojave will add a rich cloud-based web security solution. And to Sophos’ line of network security hardware it will enable hybrid deployment options (SaaS and non-SaaS) to meet diverse web security needs. An increasingly mobile workforce and an explosion of mobile devices have created a serious challenge for IT. To safeguard valuable corporate data and to secure roaming devices, Mojave’s innovative security platform provides an effective cloud-based network security solution that is easy to deploy and manage. It will allow Sophos customers to benefit by providing:

• A cloud-based web filtering engine enabling full protection for web interactions without requiring additional on-site technology
• Near instantaneous protection from emerging threats by supplying real-time threat intelligence from the cloud
• A simple and intuitive management experience designed for small and mid-market enterprises or pragmatic enterprises of any size
• A zero-compromise approach to security across Windows, Mac, iOS, and Android devices, delivering context-awareness, visibility and seamless protection whether they are on or off the corporate network

“Mojave Networks is a young innovative company that has built a leading platform right at the intersection of three cutting-edge areas of security:  cloud, web security, and mobile,” said Kris Hagerman, CEO, Sophos. “We’re dedicated to delivering security that is both powerful and comprehensive, but also simple. By integrating Mojave Networks’ technology into Sophos Cloud, we’re extending our leadership position and enhancing an offering that is already one of the fastest growing products in Sophos’ history.”

“We are proud of the work we’ve done at Mojave to pioneer a cloud-based approach to mobile and web security that offers unrivaled protection from malicious threats, security for mobile workers, and uniform policies across platforms,” said Garrett Larsson, CEO of Mojave Networks. “As part of Sophos we can continue to pursue our vision of comprehensive security for a mobile workforce at an accelerated pace, as we take full advantage of the rapid growth of Sophos Cloud, Sophos’ world-class community of more than 15,000 partners, and Sophos’ global presence. We’re excited to join such an innovative and disruptive leader in the IT security space.”

Sophos plans to integrate Mojave Networks’ technology into its fast-growing Sophos Cloud product line in early 2015 and then later in 2015 into appliance-based network security solutions. This will allow Sophos partners to offer their customers an integrated security platform that brings together best-of-breed PC, Mac, mobile, and network protection abilities through a single cloud-based console. This represents another leap forward in delivering comprehensive protection to organizations seeking enterprise-class security without enterprise-class complexity.

You can read theoriginal article here.

InfoCom World Congress is the largest event on digital technologies in SE Europe, attracting more than 3,500 delegates per year. It successfully records and captures for many years to run the course taken and convergence happening in Technology, Informatics, Telecommunications & Media sectors. The 16th InfoCom World titled «Techonomy: Time for Synergies!» will take place on October 21, 2014 at Divani Caravel Hotel. This year’s conference takes place in a period when special emphasis is given to technology, business strategies and synergies that are now unanimously recognized as a driver for growth.

NSS could not be absent so is one of the Sponsors of the conference. Come to chat with us !!

A lot has changed since 1995, the last time a major European law was passed on the subject of data protection (the Data Protection Directive 95/46/EC). For example, mobile devices are ubiquitous, and it’s not unusual to carry two or even three at a time. Meanwhile, sensitive company data is moving outside the safety of the traditional corporate security perimeter. Employees email documents to themselves, access data from personal smartphones and tablets, and store data in the cloud. Major data breaches are commonplace today, putting customers at risk of identity theft and financial loss, and businesses at risk of losing customer and investor loyalty. European businesses are not prepared to meet regulatory requirements outlined in the EU Data Protection Regulation, due to be enacted by the EU parliament in 2015. That’s the story told by a survey of 1,500 office workers in the UK, France and Germany, conducted by Sophos. Although a large majority of poll respondents (84%) agree that stricter data protection requirements are needed, most lack confidence that their employers are compliant (77%), and many do not know what type of data protection their companies currently have in place.

During a roundtable discussion about the survey, our security experts talked about the current state of data protection and how the new requirements might impact businesses. Anthony Merry, director of product management in the data protection group at Sophos, said companies have to get a better understanding of not just what regulations require, but what data protection actually is. “Many of the companies I talk to still do not understand what data protection is, why businesses need to do it and why it is important, and that needs to change,” he said, according to ComputerWeekly.

Some of the proposed changes to the EU Data Protection Directive include huge fines for non-compliant companies in the event of a data breach — as much as 5% of global turnover, or €100m, whichever is higher. Compared to relatively lax data protection laws in the United States, such punitive laws could be seen as harmful to businesses.

However, if companies are encrypting their data — on disks, mobile devices, storage drives, and in the cloud — they don’t have to worry as much. “If data is encrypted, even if IT systems are breached, companies will not be liable under the law,” Anthony said. Unfortunately, businesses in the countries we surveyed have a long way to go to complete data protection. According to our survey, only 62% of UK companies are encrypting laptops, along with 36% in France and 56% in Germany. Encryption of mobile devices is even farther behind: 41% in the UK, compared to 21% in France and 32% in Germany.

Learn more about data protection

Sophos SafeGuard Encryption solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent. For more information about SafeGuard Encryption, get our free whitepaper Managing BitLocker With SafeGuard Enterprise (registration required). Or download our Encryption Buyers Guide to learn more about how to choose the best encryption solution for your needs.

Instead of just reinstalling your favourite apps and starting afresh, your new device will know how to get online straight away, how to get into your Twitter account, and how many Angry Birds levels you haven’t conquered yet. Clearly, Google keeps a raft of configuration data on your behalf, because if you have the option enabled and then decide to turn it off you get this dialog: So how risky is this option? It’s not risky in the sense, for example, of the recent flaw in the Tumblr app on iOS. There, Tumblr forgot to secure the actual transmission of personally identifiable information (PII), such as your password.

That meant that crooks at a coffee shop, for example, might easily be able to sniff out and extract your Tumblr password. The Android issue is more subtle: the data is encrypted in transit, and Google (for all we know) probably stores it encrypted at the other end. But it’s not encrypted in the sense of being inaccessible to anyone except you. That’s obvious because, you can recover your data from Google even after you’ve wiped (or lost) your device, or changed your Google account password. In other words, Google can unilaterally recover the plaintext of your Wi-Fi passwords, precisely so it can return those passwords to you quickly and conveniently even if you forget your device password and have to start over. That’s just the sort of convenience which many users will trade against security. So, let’s say some Three Letter Agency were to use some prismatic techqniue to acquire those Wi-Fi passwords from Google. Is that likely? If so, would it be bad? I have to say that it probably would be, if only because the list of Wi-Fi networks and passwords on your device is most likely much more extensive than just your own network in your own home.

You’d effectively be helping to built a list of passwords to go with the already-existing and extensive maps of Wi-Fi access points built up over years, both by Google and others. You probably don’t want to help anyone, friend or foe, to do that. The solution is to encrypt everything “for your eyes only” before you back it up anywhere, especially into the cloud. And the problem with that is it’s not quite as convenient, not least because there’s no password-free way to recover that backed-up data, for example if you forget your password. That’s the dilemma we all face. Are you prepared to accept a digital equivalent of locking your keys in the car forever (for example if you forget your full-disk encryption password and didn’t save the recovery key)? Or would you prefer to have what amounts to a backdoor to your own, or worse still, to other people’s, personal information? What do you think?

You can read the original article, here.

“WD is using enterprise-class components to build a new family of network appliances for small businesses,” said Bill Evans, general manager of WD’s business storage solutions group. “The WD Sentinel S-series network appliances are engineered with Intel Xeon processors, pre-populated with WD Se datacenter 3.5-inch hard drives for rapid deployment, and feature dedicated 2.5-inch boot drives for maximum reliability. No other vendor offers a comparable network storage plus server in an equally small form factor. With a small footprint and quiet fan, an S-series appliance can be deployed anywhere.”  

Proven Components from Intel, Microsoft, and WD
Built by WD, powered by an Intel Xeon processor and running Windows Server 2012 R2 Essentials, the WD Sentinel S-series is based on proven technologies from industry leaders. Unlike competitors’ proprietary operating systems, the S-series is a fully configured native Windows Server on which customers can deploy thousands of Windows applications.

“Windows Server 2012 R2 Essentials gives customers the benefit of built-in, groundbreaking, low-cost storage technologies, and WD’s Sentinel S-series hardware helps small businesses take advantage of these technologies,” said Jamie Hamilton, Director of Marketing, OEM Division at Microsoft Corp. “We are pleased to work with WD to tackle the small business, first-server opportunity. WD’s hardware engineering expertise, previous success with network storage products based on Windows Storage Server, and leadership in offering an R2 version of Windows Server 2012 Essentials puts WD in a good position to serve this industry.”

Reliable Enterprise Grade Components    
The WD Sentinel S-series include WD 3.5-inch datacenter-class hard drives for enhanced data security.  Businesses gain enterprise-class reliability with dual dedicated boot drives (optional on WD Sentinel DS5100), dual gigabit Ethernet ports, and dual external DC-in power adapter ports. This engineered redundancy, along with a bezel lock for physical security, all add to the reliability of this ultra-compact network storage plus server that can be deployed virtually anywhere.

Affordable First Server for Any Small Business
The WD Sentinel S-series is a complete, fully-configured solution with automatic backup and restore software for up to 25 users and 50 computers, all at a very affordable price that starts at $2,560 U.S. MSRP.  By combining a single solution for both storage and server requirements, the S-series appliances are a great solution for any small business looking for their first server.

“Finally, a network storage vendor has delivered a low-cost, turn-key solution that meets my customers’ requirements—with no assembly required,” said Kevin Royalty, Microsoft MVP and Managing Partner of Total Care Computer Consulting in Centerville, Ohio. “Small business customers want a packaged solution with balanced disk, processor, memory, and operating system that is engineered and tested as a unit. The DS5100 and DS6100 appliances are ideal as a ‘first server’ due to the high-performance Intel Xeon processor, Windows Server, high-capacity enterprise-class disk storage, and tiny footprint.”

Availability
WD Sentinel S-series appliances are available today at CDW, PC Connection, and Insight, and through select VARs, resellers, and distributors worldwide. The WD Sentinel DS5100 is pre-populated in capacities of 4 or 8 TB. The WD Sentinel DS6100 is available with capacities of 8, 12, or 16 TB.

For the first time, AV-Test has released test results comparing malware protection for Macs among 18 major security vendors. The results show a wide disparity in protection against Mac OS X malware. Sophos came out near the top with a 96.6% detection rate. Our Mac protection was better than Kaspersky, Trend Micro, Symantec and McAfee. You can see the full results at the AV-Test website. AV-Comparatives tests also show Sophos protects Macs better — and we won’t slow Macs down either. According to the Register, the AV-Comparatives tests showed that Sophos “aced the test.”

 Protect your Macs

Malware targeting Mac OS X isn’t as widespread as malware for Windows and Android, but the threat is real and growing. And with more businesses expecting to add Macs in the future, protecting them will need to be a top priority. You need security that works not just for Windows malware, but for Macs and mobile devices too.

Visit sophos.com/best-endpoint to see how Sophos beats the other security vendors, from protection to performance, compatibility, and price.

You can read the original article, here.

As it is, Whitten explains, Facebook gives users the option of linking their mobile numbers with their accounts. Users then can receive updates via SMS and can also login using their phone number rather than their email address. Whitten found that when sending the letter F to Facebook’s SMS shortcode – which is 32665 in the UK – Facebook returned an 8-character verification code. After submitting the code into the activation box and fiddling with the profile_id form element, Facebook sent Whitten back a _user value that was different from the profile_id that Whitten modified.

Whitten says that trying the exploit might have led to having to reauthorize after submitting the request, but he could do that with his own password instead of trying to guess at his target’s password.

After that point, Facebook was sending an SMS confirmation. From there, Whitten said, an intruder could initiate a password reset request on his targeted user’s account and get the code back, again via SMS. After a reset code is sent via SMS, the account is hijacked, Whitten wrote: We enter this code into the form, choose a new password, and we’re done. The account is ours.

Facebook closed the security hole by no longer accepting the profile_id parameter from users. This could have been a valuable flaw were it to fall into the hands of attackers who might have used it to steal personal data or send out spam. As it is, one commenter on Whitten’s post who obviously didn’t understand the “it’s now fixed” part of the story made the bug’s value clear with his or her eagerness to figure out how to exploit it: ›khalil0777 • a day ago
someone explain me how to exploit it i am realyy need it i wait your helps friends :/
:/ oh well, ›khalil0777, looks like you’re too late for that party.
I’d say better luck next time, but perhaps instead I’ll save my good wishes for Mr. Whitten.
May he enjoy his $20,000.
It was well-earned, and it’s a bargain for Facebook even were the reward to be doubled, considering the grief that could have been caused by such an easy exploit.

Click here to see the original article.

Quantum computing hinges, very broadly, on allowing individual bits (called qubits) to contain superimposed values of zero and one, vastly increasing computing power. Its implications for cryptography, medicine, and research have made it a major goal for public services and private industry alike: DARPA has devoted years of funding to quantum computing research, and Google launched its own “Quantum Artificial Intelligence Lab” last year.

But while qubits have been stored for a limited period of time under certain conditions, and specialized machines have been built using quantum technology, that’s not enough for practical code-breaking applications. Last year, for example,The Economist all but ruled out the possibility that the NSA had a crypto-ready quantum computer.

The NSA’s program, part of the larger intelligence community “Black Budget,” doesn’t actually task anybody with building a quantum computer. According to the memo, it asks researchers to “conduct basic research in quantum physics and architecture/engineering studies to determine if, and how, a cryptographically useful quantum computer can be built.” So while the grant fits with the NSA’s general mission — and quantum computing could one day pose a real threat to present-day encryption methods — it’s a lot more theoretical than the agency’s ability to, say, seed malware to computers from miles away.

You can read the original article here.

UTM Series appliances will remain an important part of our hardware appliance portfolio and continue to enjoy all the great new features and enhancements that come with every software update. Our UTM Series delivers unmatched value with a great balance of price, performance and protection.

As you know, at Sophos, every feature is available on every appliance — and our UTM Series appliances are no different. And because they are based on an Intel architecture, you can benefit from all future software enhancements and performance optimizations — past, present, and future.

Features you get with Sophos UTM Series

• Intel architecture provides a future-proof upgrade path unlike ASICs
• Same protection on every appliance, from our smallest to our largest
• Cluster up to 10 appliances dynamically without external load balancers
• A range of models at performance and price points to fit diverse environments
• Sophos UTM Series — Eight (8) models suitable for organizations of all sizes

Small:  The UTM 100, 110, and 120 are ideal for small organizations or branch offices that have less demanding traffic capacity requirements, but still want the best network protection

Medium:  The UTM 220, 320 and 425 provide the optimal balance between performance and protection for a variety of different environments.

Large:  The UTM 525 and 625 are designed to protect even the most demanding enterprise networks. They are purpose built for scalability, reliability, and high availability.

UTM Series Tech Specs

Datasheets:  UTM 1xx | UTM 220 | UTM 320 | UTM 425 | UTM 525 | UTM 625  

You can read the original article here.

One of our SophosLabs researchers, Anna Szalay, made an interesting discovery recently: a new type of Android malware that slips in through a security hole in the USB debugging feature that allows developers to modify their Android devices. Naked Security expert Paul “Duck” Ducklin reports that this malware can intercept your SMS text messages to steal bank transaction details.

Duck explains in his post that intercepting SMSes from your Android phone allows the attackers to steal information they can use to access, for example, your email accounts or bank accounts:

The crooks want to infect you with malware that knows how to intercept incoming SMSes and redirect their content elsewhere. You can see where this is going: mobile malware that reads your SMSes before you do can steal important data such as the two-factor authentication (2FA) codes sent by your email provider or your bank, giving cybercriminals a way into your account despite the extra layer of protection in place.

SophosLabs detects this SMS-stealing malware as Andr/FakeKRB-H. As Duck explains, this malware gets onto your Android in a multi-step process that starts with your device getting infected by a crafty piece of Windows malware that sneaks in through the USB connection between your Android and a PC. This “helper” malware is a downloader detected by SophosLabs as Troj/DwnlAPK-A.

If you connect your Android to a PC infected by Troj/DwnlAPK-A, the malware sneaks in under the guise of files that “appear to be regular, clean files that enable full USB-to-phone connectivity on Samsung and LG devices,” Duck writes.

Then, once the downloader is installed, it loads the Android malware onto your device in what appears to be an app disguised as a Google-imitating “Google App Store” (the real Google store is simply called “Play Store”).

This is a good reminder that the bad guys continue to develop inventive ways of compromising our security to get at our most valuable data. Read the article at Naked Security to learn more about this malware and how to block it with security settings on your Android.

You can read the original article here and here.