Malware targeting devices running on this OS jumped 37 per cent since last quarter.
Mobile security threats have become a reality. Malware growth for 2011 is set to exceed last year's, with the Android operating system emerging as the main target.
Malware targeted at Android-based devices jumped 37 per cent since last quarter. This puts 2011 on track to become the busiest year in mobile and general malware history, according to a McAfee report. All new mobile malware in Q3 was targeted at Android. Experts feel 2012 will be no different.
| TOP 5 MOBILE THREATS FOR 2012 |
| * On the enterprise side, allowing devices without proper security into the corporate network |
| * Android malware posing as genuine application for stealing information from users |
| * SMS phishing is a concern and will continue |
| * Mobile commerce frauds to prevail |
| * Mobile banking, which is slowly gaining pace, might turn out to be risky for users |
| Source: Industry experts |
For instance, downloading AndroidOS.Tapsnake, an Android version of the popular 'snake' game may appear to be harmless. However, once downloaded, it switches on the phone GPS and relays information about the user's coordinates to a cyber criminal. This is also with Android.Pjapps, a Trojan with back-door entry capabilities that targets Android-based devices. As with the previous threats, it spreads through compromised versions of legitimate applications.
"Cyber criminals are still exploring the smartphone market. We have received a lot of reports of malicious software being circulated in Android marketplaces, and since most Indians do not have updated security software, they run a tremendous risk," said David Hall, regional consumer product marketing manager, Symantec, Asia Pacific.
According to Hall, the Android application ecosystem has inherent vulnerabilities that allows it to be compromised by hackers and security threats. For instance, in Android.Pjapps, it is difficult to differentiate the legitimate version from the malicious one. However, during installation, it is possible to identify the malicious version by the excessive permission requests it gives. When run, both the legitimate and malicious versions mimic a steam effect on the Android-based device's screen. The aim of Android.Pjapps is to build a botnet controlled by a number of different command and control (C&C) servers.
More, Android application packages (.apk) include the file "rageagainstthecage", which is a tool commonly used to root the phone. In legitimate circumstances, this file can be used by the owner of the phone to acquire administrative rights on his or her phone. In this case, rooting can allow the malware, Android.Rootcager, to perform more than the usual activities (eg. taking screenshots) not commonly allowed.
In 2011, India witnessed a proliferation of smartphones, paired with an increase in demand for real-time access to enterprise information and applications via these. Coupled with this were the incidents of malware attacks. A Cisco study says the mobile device is expected to become one of the biggest playing grounds of cyber crime in 2012. India, it says, is particularly vulnerable and the number one source for spam in the world.
The Norton Cybercrime Report 2011 said 10 per cent of adults online globally and 17 per cent in India have experienced cyber crime on mobile phones. Also, the Symantec Internet Security Threat Report said there were 42 per cent more mobile vulnerabilities in 2010, compared to 2009. The number of reported new mobile operating system vulnerabilities increased from 115 in 2009 to 163 in 2011.
"For both enterprises and consumers, we expect cyber crime to increasingly migrate to devices, as more users are doing more on devices, and as more vulnerable devices take off. This is true of Zeus, which uses SMS for phishing, downloading a Trojan and stealing credentials and financial information," said Vinoo Thomas, product manager, McAfee Labs.
Thomas also points out that Android malware has begun a new method of stealing information. "One is Geinimi that poses as a legitimate application and is the first malware that displays botnet-like capabilities. Once it is installed, it has the potential to receive commands from a remote server, allowing the owner of that server to control the phone," he added. Mobspy.A is another malware that steals and records both incoming and outgoing phone numbers and messages and also GPS location. The information is sent to a central server for later retrieval.
Ajay Data, founder of Bharatberry, which provides email and internet services to customers, says, "One should have a password-protected handset, especially those with application-based passwords. I believe paid apps would be safer than the free ones."
E-commerce opens a window of opportunities for cyber fraudsters, as many still see their phone as a communication device, rather than something to be kept secure. Industry experts like Thomas and Data believe unless anti-theft and anti-virus software are installed, with features like remote locking and remote data removal, mobile phones will be havens for criminal activities in 2012.
