3.5 - Troubleshooting Mobile Device Security Flashcards
1
Q
Android package source
A
- Once malware is on a phone, it has a huge amount of access
– Don’t install APK (Android Package Kit) files from an untrusted source
- iOS
– All apps are curated by Apple
- Android
– Apps can be downloaded from Google Play or a trusted app store
– Sideloading is where problems can occur
2
Q
Developer mode
A
- Enables developer-specific settings
– USB debugging
– Memory statistics
– Demo mode settings
- iOS and iPadOS
– Enable using Xcode
– Must use macOS
- Android
– Enabled from Settings > About Phone
– Tap the build number seven times
3
Q
Root access/jailbreaking
A
- Mobile devices are purpose-built systems
– You don’t need direct access to the operating system
- Gaining access
– Android - Rooting
– Apple iOS - Jailbreaking
- Install custom firmware
– Replaces the existing operating system
- Uncontrolled access
– Circumvent security features, sideload apps without using an app store
– The MDM becomes relatively useless
4
Q
Application spoofing
A
- Install what appears to be a legitimate app
– Actually a bootleg or malicious application
- Google removed 150 apps from the store in 2021
– Photo editing, camera filters, games, QR code scanners
– UltimaSMS app tried to subscribe users to $40/month SMS service
- Infect the application used to build the apps
– A malicious version of Xcode: XcodeGhost malware
- Always check the source of a download
– And the legitimacy of the app
– You are giving this app permissions and control
5
Q
High network traffic
A
- Higher than normal network use
– May indicate installed malware
– Command & control
– Proxy network use
- Check built-in data use reports
– Some of these are quite detailed
- Use a third-party reporting app
– Use a trusted source
- Run a malware scan
– Always a good precaution
6
Q
Data-usage limit notification
A
- Built-in Android feature
– Not native in iOS
- Set a warning and limit
– Get notification when traffic is excessive
- Can indicate a malware infection
– Drill-down on individual app usage
- Run a malware scan
– Find the problem app
7
Q
Sluggish response time
A
- Running slowly
– Screen lags, poor input response time
- Restart
– Clear the slate
- Check for OS and app updates
– Fix the buggy code
- Close apps that are not in use
– Fewer resources to manage
- Factory reset
– A last chance to resolve the problem
8
Q
Limited or no Internet connectivity
A
- Malware doesn’t want to be removed
– It will prevent access to network resources
- Disable and enable Wi-Fi
– Or enable/disable airplane mode
- Restart the device
– Clear memory and reload drivers
- Perform a malware scan
– Find and remove
9
Q
High number of ads
A
- Malware wants to show you advertising
– Revenue for each view and click
- May be difficult to find
– 2019: Ads Blocker for Android promised to remove ads
– Actually did the opposite
– Once installed, wasn’t listed in available apps
– FakeAdsBlock malware strain
- Run anti-malware utility
– Remove the adware
10
Q
Fake security warnings
A
- The easiest way to get on a phone
– Have the user install their own malware
- The warnings seem legitimate
– They are not actual security issues
– Do not install any software
- Malware can directly access user data
– Steals credit card details, stored passwords, browsing history, text messages
- Don’t click
– If you click, run a malware removal tool
11
Q
Unexpected application behavior
A
- Apps unexpectedly close
– Or have excessive delays
- App doesn’t seem to have all of the normal features
– Or included features are not working
- High battery utilization
– Only when this application is running
- Update the app
– Get the latest version
12
Q
Leaked personal files
A
- Unauthorized account access
– Unauthorized root access
– Leaked personal files and data
- Determine cause of data breach
– Perform an app scan, run anti-malware scan
- Factory reset and clean install
– This is obviously a huge issue
- Check online data sources
– Apple iCloud/Apple Configurator, Google Workspace, Microsoft OneDrive
– Change passwords