The mobile threat – Get Safe Online
Yesterday saw the launch of Get Safe Online week in the UK, an annual event aimed at raising awareness among consumers and small business of the threat from online crime.
The focus of the launch event yesterday was mobile malware and I was asked to give a presentation and demonstration of how this threat manifests itself. The video that I made with the BBC illustrates just how invisible and damaging SMS fraud malware can be and the kind of financial damage it can inflict on the victim.
The history of mobile malware begins back in 2004 with the appearance of Cabir, the forerunner of many later variants. Cabir was aimed at infecting Symbian based devices, it first emerged as a proof-of-concept but was rapidly picked up and abused by those with criminal intent. Cabir made money by sending premium rate SMS messages from infected devices. This means of turning a profit turned out to be so effective that by 2009 SMS fraud Trojans made up a large bulk of mobile malware and that trend has continued and grown with the rise of the smartphone. In fact, the first ever Trojan for Android based devices was also an SMS fraud trojan, known as ANDROIDOS_DROIDSMS.A
Malware exists for all major mobile platforms in fact, renowned mobile securtity researcher Charlie Miller announced yesterday that he had devised a way to embed functionality in apps for Apple’s iPhone which allowed them to download and run code after the intial application had been installed. His proof of concept app had been checked by Apple and was available in the App Store since September.
If you are interested in finding out more about the history of mobile malware you can download my paper on that very subject right here.
The TrendLabs mobile threats information hub can be found here.
Spotlight
Cloud Computing
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Twitter now offers two-factor authentication
- DHS needs better sharing plan, experts say
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet