5 Malware attacks that defined 2011 and why your Smartphone is next

  

 Email Article  

Tweet  

  

  

By Dylan Sachs and Minal Pithia

With the recent news of even more malware on the Android Market (and the subsequent Microsoft offer of a free Windows Phone for some of those affected), people are getting more and more concerned that their devices, personal information - or worse, their bank balance - are going to be targeted.

This news isn't really new - mobile malware has been a problem for years now, and as the smartphone market continues to grow, it will remain an issue for years to come.  At the conferences we have attended this year - FIRST, APWG, and DCC - we have heard several talks from researchers about how mobile devices are being used to steal people's money.  Some are straightforward - like the aforementioned Android Market malware which sent SMS messages to premium numbers, jacking up the user's cell phone bill - and some are decidedly not straightforward, involving Man-In-The-Middle attacks, desktop malware, SIM card cloning, and other novel approaches.

The malware industry as a whole (not just mobile) has been booming this year - over the course of the last 12 months, we have seen:

1. Malware spam
via LinkedIn, Facebook
2. Malicious ads and search results –Most recent one seen in November – Users  infected computers displayed an ad for a vacation timeshare on top of the ESPN homepage (New York Times11/09/11)
3. Spear Phish that spread malware and steal credentials – Recently, Symantec reported finding a new wave of malware attacks against private companies involved in research, development, and manufacture of chemicals and advanced materials The attacks, combine social engineering lures (spear phishing e-mails) and the remote access Trojan to infect targeted Windows computers and hijack sensitive information.
4. Social Engineering and Hactivism – Groups like Anonymous and LulzSec used social and political tactics to rock companies and government organizations by releasing sensitive information to the public
5. Mobile Malware – According to a report my McAfee, Android surpassed Symbian as the most popular target of mobile malware. With all mobile malware effort focused on Android, it has also seen a significant rise in detected malware samples—about a 50 percent increase over Q2.

The adoption rates of mobile devices (smartphones, specifically) continue to climb for every geographic region, and for good reason; they change the way we communicate, conduct business, and go about our daily lives. Smartphones and tablets are essentially pocket-sized computers, and it's that portability that makes them more appealing. “ eMarketer estimates almost 100 million consumers will be on the mobile web this year. The US mobile web population will be up almost 25% this year as 97.3 million mobile owners log on to the internet from their device at least monthly”.  Yes, you read that right: 97.3 million mobile internet users, in the US alone.  Japan has had more mobile internet users than wired internet users since 2006.  Someone even took the time to estimate that there will be 957 million mobile internet subscribers in China by 2014.  That is more than the population of North and South America combined. 

As you can imagine, this is an attractive number for malware authors; they know that the nascent technology is used by people who have not developed safe use habits, and exploit this to get their malware on mobile devices (the vast majority of mobile malware requires installation by the user). 

In July of this year researchers reported a new version of ‘Zeus, also known as “Zitmo” that ran on Android phones. According to Trusteer, the mobile malware combines PC based Zeus infections with a mobile component. A user whose PC is infected tries to login to their banking site, this triggers the Zeus virus which asks the user to download an authentication code on to their mobile device to complete their login process. This gives the perpetrators full control over both the user’s PC and mobile device, allowing the malware to generate a fraudulent transaction on behalf of the user and authenticating it by obstructing the SMS verification message on the phone and forwarding it to the malware on their PC. As a result, after sophistically deleting the confirmation message from the mobile device so the user doesn’t see it, it then enters the code on the PC to complete the transaction. One could see how mobile devices have become an exploding platform and growing at a fast rate; many people are predicting that mobile malware will be a big problem (warning: PDF) in the year to come.

Your thoughts: Are you an Android user affected by malware? Are you concerned about privacy issues on smartphones? Let us know