Mobile malware: a myth buster

October 2011 Information Security

Amit Klein, Trusteer CTO, explodes the myths and dispels the fantasies of mobile malware.

We are all wise to the risks our online antics pose to our security. We have learned not to trust e-mails from Nigerian Bankers offering to share millions in exchange for a small upfront handling fee. Our banks have not monitored fraudulent activity so they do not need us to verify our account details by confirming our information. Messages from DHL with attachments informing us about deliveries we are not expecting do not fool us into opening the document. We are even wise to the links in e-mails that want us to visit websites and win prizes. Why do they not work? Because we have learned the hard way.

When these scams first started circulating people fell for the lies. Some of you will remember, or heard about, the chaos caused in 2000 when people opened an attachment to find out who loved them and spread the I Love You worm. In a single day it travelled around the world causing an estimated $5,5 billion in damages.

So, why are people not heeding the warning that malware has gone mobile and taking steps to protect themselves? The reality is there is a false sense of security surrounding mobile use, especially as victims currently are few and far between, but I am here to dispel the myths and banish the fantasy.

Myth one: Mobile operating systems are sandboxed, so we are safe

Anyone that still believes this is true is living in fantasy land. We have already seen malware that attacks sandboxing – DroidDream is just one that recently made the headlines. It exploited a vulnerability in the android operating system and obtained root privileges, downloading and installing additional arbitrary pieces of software, to assume virtually limitless control of the infected smartphone.

Myth two: Mobile applications are controlled – Apple and Google are watching our backs

Anyone that still believes this myth has a serious case of loyalty overload. DroidDream was found in applications that were being sold through the Google app store proving that the semi-closed, or walled garden, approach that is supposed to protect our mobile devices and prevent malware from infecting the device is flawed.

The simple reason is Google et al want, and actively encourage, developers to create apps with just a $25 entry fee. It is unsurprising that malware writers and spammers are happy to flex their muscles and get a piece of the action. Rogue developers all too easily can get permission or approval to upload their infected applications – that is what they did with DroidDream.

Myth three: There is no money in mobile malware so fraudsters are not interested

Wake up people – we are already in the middle of a third generation of financial malware. Zero generation had users unwittingly dialling premium numbers or sending SMS texts to services that charged them for the privilege

First generation was malware that engaged simple tricks, for example changing the host file of an infected device and redirecting the user’s mobile browser to a phishing site.

Second generation has seen malware increasingly infect the mobile device that works in conjunction with malware already infecting the desktop. In case you are not sure how this scam works, basically malware infects the mobile device and steals SMS verification messages and reroutes them to the fraudster.

The next generation of mobile malware will actually attack the mobile device focusing on mobile browsers or mobile applications themselves to abuse the current users session and commit fraudulent transactions, possibly even with the unintended aid of the user. While at the moment, this could be argued as myth it will not be long before it becomes reality, we are just waiting for banks to introduce the service. Fraudsters have all the tools they need to effectively turn mobile malware into the biggest customer security problem we have ever seen. They are lacking one thing – customer adoption.

I said at the start of this article that people need to heed the warning that malware has gone mobile and taking steps to protect themselves. As I am sure you will agree, I have proven it is not only possible but is happening, so it is time to start affording your smartphone the same protection you do the PC.

www.trusteer.com





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
DeepSneak deception
Information Security News & Events
Kaspersky Global Research & Analysis researchers have discovered a new malicious campaign which is distributing a Trojan through a fake DeepSeek-R1 Large Language Model (LLM) app for PCs.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Survey highlights cost of cyberdamage to industrial companies
Kaspersky Information Security News & Events
The majority of industrial organisations estimate their financial losses caused by cyberattacks to be over $1 million, while almost one in four report losses exceeding $5 million, and for some, it surpasses $10 million.

Read more...
Digital economy needs an agile approach to cybersecurity
Information Security News & Events
South Africa is the most targeted country in Africa when it comes to infostealer and ransomware attacks. Being at the forefront of the continent’s digital transformation puts South Africa in the crosshairs for sophisticated cyberattacks

Read more...
SIEM rule threat coverage validation
Information Security News & Events
New AI-detection engineering assistant from Cymulate automates SIEM rule validation for SecOps and blue teams by streamlining threat detection engineering with automated testing, control integrations and enhanced detections.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.