Cyberthugs Love Smartphones and Leaky, Sneaky Mobile Malware
Cyberthugs just love smartphones, especially Androids, since mobile phones can be loaded with most all the juicy personal and financial data that a computer can be. Despite all kinds of security firms warning that mobile malware is on the rise, many users still adore changing apps more often than undies. The upcoming Black Hat security conference will include several mobile device presentations to wreak havoc like Don Bailey's "War Texting" or mobile device proof-of-concept attacks like Hassell and Macaulay's "Hacking Androids for Profit" with "AppJacking" and "AppPhishing."
When Krebs on Security reported on Zitmo, a ZeuS trojan that runs on Google Android, Krebs spoke with security firm Trusteer CEO Mickey Boodaei about the future of mobile malware. Boodaei predicted, "that within 12 to 24 months more than 1 in 20 (5.6%) of Android phones and iPads/iPhones could become infected by mobile malware if fraudsters start integrating zero-day mobile vulnerabilities into leading exploit kits."
Also at Black Hat, Dasient's Neil Daswani will give a talk about "mobile malware madness," including a of demonstration of "how web malware threats such as drive-by-downloads and malvertising are on the horizon for mobile devices." Additionally, Dasient discovered 800 of 10,000 Android apps leak personal data and 11 apps can send "unwanted SMS messages" in order to spam other smartphones. Daswani told Dark Reading that most drive-by-downloads are "noisy" and crash the browser so it can steal data from a mobile device, but that will change in the future. "Mobile malware authors will discover methods to deploy the malware without crashing the device, effectively hiding the infection and enabling attackers to steal data for a longer period of time without being detected."
While malicious apps and Android threats may be on the rise, Apple has its share of mobile device malware issues as well. Earlier this month, ZDNet reported that iPhone devices were "hacked with a zero-day font vulnerability" in which the JailbreakMe.com exploit acted like a drive-by-download attack. While awaiting Apple to release a patch, ironically the "best way to remain secure" was jailbreaking. According to "Comex" and info on the JailbreakMe site which also released a patch, "I did not create the vulnerabilities, only discover them. Releasing an exploit demonstrates the flaw, making it easier for others to use it for malice, but they have long been present and exploitable. Although releasing a jailbreak is certainly not the usual way to report a vulnerability, it still has the effect of making iOS more secure in the long run."
Mobile security firm Lookout recently tore apart the Android trojan threat GGTracker that could sign Android users up for premium rate SMS subscription services. It was believed that users were clicking on "malicious in-app advertising" and being redirected to a spoofed Android Marketplace site that started a drive-by-download.
Slick SMS tricks that can end up costing users a small fortune are nothing new as F-Secure's Mikko Hypponen gave a Black Hat presentation last year called "You will be billed 90,000 for this call." We've also seen other Android apps that rack up huge texting charges, a sensory malware Android app that listens and then steals credit card data, and zombies and Angry Bird mobile malware attacks.
A simple search shows new tainted mobile apps nearly every day. ViaForensics has long been analyzing the security of mobile apps to help protect users. Clearly mobile malware is only going to increase. McAfee said, "Mobile malware is the new frontier of cybercrime." Symantec said the Android threat shows that cybercriminals are getting bolder about mobile malware strategies and "thinking outside the box."
Lookout Mobile Security unveiled the Mobile Threat Network platform "that automates the threat detection and analysis process to stay ahead of growing mobile threats and protect users as quickly as possible." It detects anomalies, runs 500 million scans daily, and is powered by an App Genome Project, a database of more than 700,000 apps and growing by about 1,000 daily. Lookout has partnered with Verizon Wireless to deliver its Mobile Threat Network to protect Verizon's V Cast App Store.
Lookout offers a free security app available on the Android Marketplace that offers protection against phishing, malware, spyware, can help locate a lost or stolen phone, and can be used to backup and restore your mobile phone data.