{"id":5783,"date":"2012-12-05T08:37:06","date_gmt":"2012-12-05T13:37:06","guid":{"rendered":"http:\/\/www.ict-pulse.com\/?p=5783"},"modified":"2012-12-05T08:37:06","modified_gmt":"2012-12-05T13:37:06","slug":"hidden-threat-malware-smartphones","status":"publish","type":"post","link":"https:\/\/ict-pulse.com\/2012\/12\/hidden-threat-malware-smartphones\/","title":{"rendered":"A hidden threat: smartphone malware"},"content":{"rendered":"

The\u00a0first of two-part series discussing malware on smartphones.<\/em><\/p>\n

$\"Lascoo.co.nz\"$ <\/a>With the still growing importance of smartphones to both our personal and professional lives, it is crucial that we, as device owners and users, manage the ways in which\u00a0they can malfunction and disrupt our lives. One of the ways we frequently\u00a0overlook is the fact that smartphones are susceptible to malware and other threats, similar to a PC. \u00a0This post is the first of a two-part series on malware on smartphones. Here, we give an overview of the subject, and in a later post, we will discuss the ways in which users can protect their devices.<\/p>\n

What is malware?<\/h3>\n
Malware is short for \u201cmalicious software<\/em>\u201d, and according to Wikipedia<\/a>, it is software<\/p>\n
\u2026 <\/strong>used or created by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems\u2026<\/em><\/p>\n
Malware includes computer viruses<\/a>, worms<\/a>, trojan horses<\/a>, spyware<\/a>, adware<\/a>, and other malicious programs\u2026<\/em><\/p><\/blockquote>\n
Thanks to more affordable and accessible mobile broadband services, along with the growing take up and use of smartphones, malware on smartphones have increased considerably over the last few years. As a result, most IT security vendors have reported\u00a0marked growth in the types of malware and frequency of attacks on smartphones, which has prompted the creation of a variety smartphone-specific security products.<\/p>\n
$\"http:\/\/www.freedigitalphotos.net\/images\/agree-terms.php?id=10076747\"$ <\/a>According to the 2011 Mobile Threats Report<\/a>\u00a0published by Juniper Networks Mobile Threat Center, there was 155% increase in malware attacks across all platforms. Additionally, the firm was of the view that this growth is indicative of a maturing ecosystem evidenced by:<\/p>\n
\n
the unprecedented number of malware attacks experienced in 2011<\/li>\n
the fact that smartphone\u00a0malware has become more sophisticated, and is not just exploiting technical vulnerabilities, but also social engineering and human behaviour<\/li>\n
the \u2018low barrier to entry\u2019 to accessing smartphone\u00a0applications, which is being fostered\u00a0by users\u2019 desire for those products, as well as an ever-growing\u00a0apps market, which is not only fuelling the apps industry, but also the development of malicious programmes.<\/li>\n<\/ul>\n
Which platform is the most vulnerable?<\/h3>\n
Most recent threat reports published by a several well-regarded security experts unanimously confirm that malware attacks against smartphones using the Android Operating System (OS) have increased considerably over the past few years. The Juniper 2011 report<\/a>\u00a0highlighted that in a sample of over 790,000 applications, the number of Android Malware grew from \u2018roughly 400 samples in June to over 13,000 samples by the end of 2011<\/em>\u2019. Similarly, the Sophos Security Threat Report 2013,<\/a>\u00a0noted the following:<\/p>\n
Over 100 million Android phones shipped in the second quarter of 2012 alone. In the U.S., a September 2012\u00a0survey of smartphone users gave Android a whopping 52 .2% market share. Targets this large are difficult for malware authors to resist. And they aren\u2019t resisting\u2014 attacks against Android are increasing rapidly\u2026<\/em><\/p>\n
Today, the most common business model for Android malware attacks is to install fake apps that secretly send expensive messages to premium rate SMS services. Recent examples have included phony versions of Angry Birds Space, Instagram, and fake Android antivirus products\u2026<\/em><\/p><\/blockquote>\n
Although threats against the Android OS and smartphones have been growing, this does not mean that all other platforms are immune malware. \u00a0In addition to the sheer number of Android smartphones on the market, which makes them a more attractive target for attacks, users can secure apps from vendors who do not vet the apps they supply, which makes that market susceptible to rogue products. On the other hand, unless the device is unlocked (or \u201cjailbroken\u201d), apps for the iPhone can only be downloaded from the Apple Apps Store, in which there are comprehensive controls and ultimately, a more secure environment.<\/p>\n
What are some of the top smartphone malware?<\/h3>\n
Outlined below are just a few of the most reported threats to smartphones, and specifically Android devices. These examples should highlight how seemingly innocuous some of the malware might initially appear, or the ways in which they attempt to capitalise on our opportunistic nature.<\/p>\n
\n
Gemini<\/strong>.\u00a0Gemini is a\u00a0Trojan that opens a back door and transmits information from an Android device to a remote location (Source: Symantec<\/a>). It is also one of the first Android malware that displays botnet-like capabilities, i.e. once the malware is installed on a user\u2019s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone (Source: Lookout Mobile Security<\/a>). $\"\"$ <\/a><\/li>\n
GGTracker<\/strong>.\u00a0 A Trojan that targets the US market, and is automatically downloaded to a user\u2019s phone after visiting a malicious webpage that imitates the Android Market (now Google Play<\/a>). \u00a0GGTracker is able to sign-up users to a number of premium SMS subscription services without their consent, which can lead to unauthorized charges on their phone bills (Source: Lookout Mobile Security<\/a>).<\/li>\n
Loozfon<\/strong>: This\u00a0low-risk malware is a Trojan horse for Android smartphones that steals information from compromised devices (Source: Symantec<\/a>). Typically, it uses\u00a0a bogus claims, e.g.\u00a0work-at-home opportunity promising a profitable payments just for sending emails. If users click on the link in one of these advertisements, they are directed\u00a0to websites that are designed\u00a0to push Loozfon\u00a0onto their devices,\u00a0and may attempt to steal your address book contacts (Source: Forbes<\/a>).<\/li>\n
FinFisher<\/strong>: This spyware\u00a0downloaded onto\u00a0your smartphone\u00a0when users visit\u00a0a specific web link or open a text message disguised as a system update, When FinFisher\u00a0is installed\u00a0, it can remotely control and monitor users’ communications (Source: Forbes<\/a>).<\/li>\n<\/ul>\n
<\/p>\n
Image credits:\u00a0 Lascoo.co.nz<\/a>;\u00a0 Victor Habbick<\/a> (FreeDigitalPhotos.net)<\/em><\/p>\n
___________<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"
The\u00a0first of two-part series discussing malware on smartphones. With the still growing importance of smartphones to both our personal and professional lives, it is crucial that we, as device owners […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","om_disable_all_campaigns":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[27,13,11,19],"tags":[194,45,105,36,94,37],"class_list":["post-5783","post","type-post","status-publish","format-standard","hentry","category-computing","category-content","category-ict-tech","category-mobile-telecoms-2","tag-android","tag-applications","tag-cybercrimecybersecurity","tag-devices","tag-iphone","tag-smartphones","et-doesnt-have-format-content","et_post_format-et-post-format-standard"],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2iE1G-1vh","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/5783","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/comments?post=5783"}],"version-history":[{"count":10,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/5783\/revisions"}],"predecessor-version":[{"id":5793,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/posts\/5783\/revisions\/5793"}],"wp:attachment":[{"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/media?parent=5783"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/categories?post=5783"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ict-pulse.com\/wp-json\/wp\/v2\/tags?post=5783"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}