The mobile threat landscape is changing. Malicious programs for mobile devices are set to rise, including cross-platform mobile malware. In addition, an increase in Trojans and viruses that can attack regular mobile phones has been noted.
This is according to Denis Maslennikov, senior virus analyst at Kaspersky Lab, speaking at the company's 10th Virus Analyst Summit, in Croatia. He says gone are the days of primitive proof-of-concept malware seen from 2004 to 2006. These days, mobile malware has one objective - making money.
“Although the vast majority of all mobile malware is designed to run under Symbian, we are seeing a growth in other platforms," he says. In 2006, 83% of all mobile malware was for Symbian, with 7% each for Windows Mobile and MSIL and the remaining 3% for J2ME.
“However, these days only 5% is Symbian, 29% is J2ME, 5% is Windows Mobile, with MSIL and Sgold having 3% and 2%, respectively. He also notes that malware for Python is starting to rear its head, with the platform already enjoying 2% of mobile malware.
In 2006, he says there were 30 families of malware overall, with 170 modifications. "This number has grown to 101 families with 483 modifications to date." This is a growth of 184%.
In terms of mobile malware geography, he says Russia and Indonesia are predisposed towards Trojan SMSes, Europe and China to worms and India to SMS-phishing. "SMS scam and spam are worldwide phenomena though."
Information stored on mobile devices can be stolen or destroyed by malicious software, specifically targeting these devices by malware written specifically for smart devices. In addition, cellphones that connect to the Internet run the risk of cyber-attacks each time they download information. An even greater worry, says Maslennikov, is losing sensitive information or having it fall into the wrong hands.
Unfortunately, he says mobile malware and riskware have become such an easy and relatively risk-free way to earn money that the quantity and the quality of mobile malware are increasing at an alarming rate.
"We are also seeing different criminal groups with different specialties. Some write the malware, some are involved with spam, and WAP affiliate networks are becoming a big headache. Other threats dial premium-rate numbers, or transfer credit from infected phones without authorisation."
A new Symbian worm from China, discovered in January, spreads via SMS with a link to itself. It collects data about the phone and attempts to upload it by opening an HTTP connection. It works on Symbian S60 third edition smartphones and is signed with a valid Symbian Certificate.
"At the end of the day, malware is getting more and more 'clever'. There is no foolproof solution, besides not using a mobile at all, which in this day and age is virtually impossible. Use a good mobile anti-virus, and exercise a little caution," he concludes.
Share