Mobile security is the new malware battlefield as attackers take advantage of users who don't think their smartphones can get compromised.
Cyber-attackers are gunning for Google's Android as they
take advantage of a user base that is "unaware, disinterested or uneducated" in
mobile security, according to a recent research report.
Malware developers are increasingly focusing on mobile
devices, and Android malware has surged 400 percent since summer 2010,
according to the Malicious Mobile Threats Report 2010/2011 released May 11. The
increase in malware is a result of users not being concerned about security, the large
number of downloads from unknown sources and the lack of mobile security
software, according to the Juniper Networks Global Threat Center, which compiled
the report.
"That's where the momentum is for 2011," said Dan Hoffman,
Juniper's chief mobile security evangelist. It's important to remember that
mobile malware still accounts for less than 1 percent of all malware detected
globally,
About 17 percent of all reported infections were due to SMS
Trojans sending text messages to premium rate numbers, the report found.
Spyware capable of monitoring phone calls and text messages from the device
accounted for 61 percent of reported infections. All, or 100 percent, of
reported infections on Android devices were of this kind of spyware.
For the past five years, most mobile malware targeted
Symbian and Microsoft Windows Mobile platforms, Juniper said. In fact, over 70
percent of malware definitions in Juniper's Junos mobile security service are
of Symbian malware. The current trend shows that malware developers are
targeting Android and the attacks are likely to get more advanced, such as
turning mobile devices into zombies in a botnet.
"Consumers can expect to see more advanced malware
attacks against the Android platform," according to the report. These
attacks include "command and control zombies and botnet participators,
devices that are remotely controlled to execute malicious attacks," the
report's authors wrote.
Even though most infections are caused by downloading dodgy
applications, the majority of smartphone users are not using antivirus software to
scan for malware, according to the Juniper report. Most app stores remove applications as soon
as they are reported as being malicious, but that is reactive and "insufficient,"
said Hoffman. The Juniper report cited a 2010 SANS Institute study that found
only 15 percent of smartphone users were employing antivirus on their phones.
Enterprises and users need to be aware of the growing risks
of going online using mobile devices, and protect them the same way they protect
desktops, laptops and servers, Hoffman said.
Another security expert raising the alarm is James Lyne,
director of technology strategy at Sophos. Users engage in dangerous activity
on their smartphone that they would never do on their PCs, Lyne told eWEEK.
They may see an e-mail and not open it on their computer because they have
learned that's dangerous. But they go ahead and open the exact same message on
their phones because they are under "the mistaken impression" that it's safer,
because smartphones can't get infected, Lyne said.
There was no reason for the attackers to continue hitting the
"walled garden that's the PC" when users are practically inviting them in on
the mobile devices, according to Lyne.
The first bank phishing app appeared in the Android Market
in January 2010, and Google took the unprecedented step of removing malicious
apps from user devices via a remote kill switch in March.
The report listed other high-profile attacks on mobile
devices in the past year. In one incident, Vodafone unknowingly shipped Android
phones with SD cards preloaded with the Mariposa Trojan, which infected Windows
PCs when the devices were connected. The iPhone is at risk because malicious
apps can obtain user data and transmit it to a third-party server, the report
found.
"In most cases, application developers used pre-packaged
code purchased from advertising agencies, originally intended to collect device
information that could be used to build advertising profiles of the device
user," Juniper said in the study.
While RIM BlackBerry devices and Apple iPhones are not under
as intense attack, Juniper warned that spyware apps such as FlexiSpy, Mobile
Spy and MobiStealth are large threats to the platform.
Lyne noted that there is no security software available for
the iPhone in Apple's app store. The company is not letting users protect
themselves, Lyne said.
Juniper also warned that the increase in Wi-Fi enabled
devices could result in more man-in-the-middle attacks, especially as people
continue to trust public Wi-Fi hotspots.