Mobile Viruses Could Get Nasty Fast

The dream of a connected world where PCs and mobile phones can communicate with the digital home and other devices is supposed to make life easier. But it could instead make life far more dangerous if malware developers have their way.

And it's not just the possibility of losing a credit card number. With microchips and software becoming more and more a part of life, such as in cars, homes and mobile phones, the threats multiply dramatically.

For example, mobile phone services in some countries let people see what's going on inside their house via a Web cam connected to motion sensors, snapping a picture and sending to the homeowner if anything seems awry. But a hacker could use that same Web cam to see if anyone's home, and perhaps break in. Or invade people's privacy by taking pictures of what's going on in the house. And could a marauder hack into a driver's mobile phone use it to shut down certain automobile systems, like the brakes?

Newest Challenge

Such scenarios are becoming increasingly possible as more gadgets, such as mobile phones, become connected to the Internet, said Dhillon Kannabhiran, founder of the Hack in the Box Security Conference being held in Kuala Lumpur, Malaysia, this week.

Part of the problem is that stronger security in PCs and on servers has made it more difficult to attack such devices.

"These kind of exploits are getting fewer and far between, so people are looking for new platforms to attack," said Kannabhiran, adding that hackers will take far greater interest in third-generation (3G) phones because being online all the time makes them more accessible.

The threat of malware attacks on mobile phones has already increased dramatically in the past year as smarter phones that use more software, allow Internet surfing, and act as personal digital assistants gain popularity.

"Vendors are concerned with the alarming rate smart phone viruses are starting to come out now," said Anthony James, senior product manager at security specialist Fortinet, in an interview.

F-Secure, another vendor of antivirus tools, says the current total count of known mobile malware stands at 87, up from less than 10 early last year. A total of 82 of those viruses were written to run on the Symbian series 60 operating system.

Mobile Targets

Symbian is the world's most popular mobile phone operating system. The large number of virus attacks on Symbian don't mean it's less secure than other operating systems, it just shows how popular Symbian devices are, and thus "they are the most interesting target for malware authors," according to F-Secure.

The Symbian OS led the global smart phone market with a 62.8 percent share at of the end of the second quarter, followed by Microsoft at 15.9 percent and PalmSource with 9.5 percent, according to industry researcher Canalys.com.

The trouble with the connected world is that faster download speeds for mobile phones and other devices increase the possibility of infection and spreading, said Todd Thiemann, director of device security marketing at Trend Micro, speaking at the 3GSM World Congress Asia in Singapore.

He said the mobile malware seen so far has been done by hackers testing their mettle against current mobile phone security, and that the threat will increase as more virus authors get into the game.

The latest example is the Cardtrap virus, which targets handhelds running the Symbian OS. The virus is slightly more advanced, in that its goal is to infect a user's PC. When the phone's memory card is inserted into a Windows-based PC, which a user might do to clean the virus, a worm on the memory card automatically installs and runs the virus on the PC, according to Thiemann.

Expect viruses like these to become more common and more destructive as devices link up to the Internet.

  
Shop Tech Products at Amazon