New Malware Threats Take Shape in 2012
Think malware can only infect your PC? Think again. Malware is moving to mobile. Mobile malware threats include information theft and hijacked SMS services.
New Malware Threats Take Shape in 2012
Users associate malware with desktop operating systems, but malicious programs also target mobile devices. Over the course of 2011, mobile malware became increasingly common, a trend that appears to continue in 2012.
Malware Attacks in 2011
Malware hit Android devices hard in 2011. The Juniper Networks Mobile Threat Center reported a staggering 3,325 percent increase in Android malware in the last half of the year.
The sharp rise in Android malware reflects that Android devices currently dominate the market, and offer the maximum potential profit to cybercriminals. Other operating systems also saw an increase in mobile malware attacks, although not to the same extent as Android:
- Blackberry: up 8 percent
- Symbian (Nokia phones and some older Samsung phones not running Android): up 1 percent
- Windows Mobile: up 21 percent
Juniper reports a 155 percent increase in malware activity across all mobile operating systems. Despite these alarming figures, mobile devices still account for only a small percent of malware attacks. The vast bulk of malware continues to target desktop platforms.
Types of Mobile Malware
Malware sneaks onto mobile devices in several ways. Cybercriminals add malicious code to a legitimate app, repackage the app and distribute the program through third-party app stores. Online links and vulnerabilities within a phone's operating system also spread malware.
Malware comes in many forms, but most focus on information theft or premium-service abuse. Spyware harvests your location, browser history, international mobile equipment identity number (an anti-theft device) and application lists. Some malware harvests text messages. Add all this together, and the malware writer has enough information to commit identity fraud.
Another route into your bank account is via SMS (Short Message Service, meaning text) messaging. A Trojan is a type of malware that hides malicious code in a legitimate-looking application. In the case of SMS Trojans, this could mean signing you up for premium texting services that run in the background, out of sight, when you’re using the phone. The first indication of an SMS Trojan often comes as palpitation-inducing charges on your phone bill.
Other malware will trick you into signing up for expensive monthly subscriptions to fake services, often without your knowledge, or uses your mobile device to send spam text ads to others.
Looking Forward: What to Expect in 2012
If malware activity in 2011 is any indication, we can expect more of the same in 2012. Inserting malicious code into legitimate banking and financial apps will become more common as people increasingly access their finances through mobile devices. Rates of SMS fraud, already a profitable area for cybercriminals, are also expected to increase.
Botnets are networks of malware-infected computers, used by hackers to spread spam or launch hacking attacks on other networks. Mobile botnets already exist, but are likely to become more common as hackers exploit mobile technology. Mobile botnets allow hackers to make phone calls and send messages over your phone, access user accounts and harvest personal information.
Protecting Yourself Against Mobile Malware
Prevention remains your best defense against mobile malware, which is notoriously difficult to purge from a mobile operating system. Avoid third-party app stores like GetJar and “free” apps. First-party application stores, such as Android Market or Apple’s app store, offer safer applications than third-party sources.
Use a trusted antivirus program on your mobile device, and keep it updated at all times. Back up information on your mobile just as you would (or should) with a desktop platform (Staples advises PC owners to back up their data every day), and keep sensitive financial information off your mobile if possible