Tuesday, February 4, 2014

Mobile Malware Milestone

Did you celebrate or castigate?

You might not know but last week was the 10 year birthday of Cabir, the first mobile malware. It spread through Bluetooth after infecting the Nokia Series 60 phones running Symbian. Also last week, Kindsight Security Labs (Alcatel-Lucent) released the results of a study (pdf) that found more than 11.6 million mobile devices are infected by mobile malware at any given time and that mobile infections increased 20% globally in 2013.

This, obviously, increases risk for stolen personal and financial information, can lead to bill shock resulting from hijacked data usage, or extortion to regain control of the device along with allowing bad guys to remotely track location, download contact lists, intercept/send messages, record conversations and best of all, take pictures.

About 60% of all mobile infections involved Android devices that downloaded malicious software from the Google Play store and 40% were Android phones that received malicious code while tethered to a Windows laptop. Both Blackberry and iPhone combined to represent less than 1% of all infected devices. 4G LTE devices are the most likely to be infected and the number of mobile malware samples grew 20X in 2013. This will only get worse as new strains are released, like the proof of concept code that is capable of tracking your taps and swipes as you use a smartphone.  That's right, monitor touch events. Say a phone has not been touched in a while and suddenly there is 4 touch events. Well, that's probably a PIN, according to Forbes contributor Tamlin Magee. Add to that a screenshot, now you can overlay the touches with the screenshot and know exactly what is being entered.

You know it and I know it: The more we become one with our mobile devices, the more they become targets. It holds our most precious secrets which can be very valuable to some. We need to use care when operating such a device since, in many ways, our lives depend on it. And it is usually around this point in the article that I chastise mobile users for careless behavior but in this instance, there are certainly times where there is nothing you can do. You can be paranoid, careful and only visit the branded app stores yet the risk is still present.

Ten years in and we're just getting started.

ps

Related:

 

Connect with Peter: Connect with F5:
o_linkedin[1] o_rss[1] o_twitter[1]   o_facebook[1] o_twitter[1] o_slideshare[1] o_youtube[1]

No comments:

Post a Comment