Security Vendors Find Banking Malware, Spyware on Google Play

Today’s topics include potentially harmful applications on the Google Play mobile app store, Oracle releasing its largest security update to date, Docker Inc.’s new professional services offering and Microsoft Hyper-V enabling Linux containers to run on Windows Server.

While the Google Play store is generally considered the safest place to find and download Android applications, it isn’t totally risk free.

Numerous security researchers in recent months have issued warnings about malicious and potentially harmful applications lurking on Google Play waiting to be downloaded by unsuspecting users.

This week two more security firms released similar advisories. Zscaler discovered a spyware tool posing as a system update in Google Play that has been downloaded between 1 million and 5 million times.

Meanwhile, Securify found banking malware hidden in a legitimate application on Google Play called Funny Videos 2017. The malware was designed to grab banking credentials and credit card numbers of mobile banking customers. Google has since removed both apps from its mobile app store.

In a critical patch update April 18, Oracle patched 299 vulnerabilities—the largest ever security update for the software company. Oracle’s previous record was set last July, when the company patched 276 vulnerabilities.

So far this year, Oracle has patched 569 vulnerabilities. Among the patches this month are multiple products being updated to fix an Apache Struts vulnerability that was publicly disclosed in March.

"The fact that we’re still addressing vulnerabilities associated with Struts v1 and Apache Commons years after the issues were first raised is surprising and troubling," John Matthew Holt, CTO of application security vendor Waratek, told eWEEK.

"The Struts 2 patch is less surprising since it was just announced in March 2017, but no less troubling as it points to the continuing issues associated with third-party software components," Holt added.

The second day of DockerCon 17 focused on enterprise adoption and what it takes to run containers in production. In keeping with that theme, Docker announced on April 18 a new service offering to modernize traditional applications.

Docker’s Chief Operating Officer Scott Johnston said his company has worked with partners including Avanade, Cisco, Hewlett Packard Enterprise and Microsoft to define a proscriptive fixed time and price professional services program to help organizations figure out a microservices strategy.

"In approximately five days, we can take a typical legacy application, containerize it and put it under Docker EE management on modern infrastructure, providing higher efficiency,” he explained.

Also at DockerCon, Microsoft announced that it is leveraging its Hyper-V isolation technology to run both Linux and Windows containers natively on Windows Server. Although Windows Server 2016 features Docker support, currently developers must specifically target Windows.

Microsoft is adapting the hardware-based resource isolation functionality found in Hyper-V Containers to provide native support for Linux and Windows containers in the Windows Server environment.

Microsoft’s Azure lead architect, John Gossman, explained  that bringing Linux and Windows containers under the same roof, so to speak, can help simplify IT infrastructures for organizations that run both types of containers and streamline their development tooling.