Tag: Malware

Categories
Links Writing

Poison Texts Targeting Mobile Phones

While smartphones get in the news for security reasons related to mobile malware, it’s important that we not forget about the other means of attacking mobile phones. USA Today has a piece which notes that,

One type of poison text message involves tricking people into signing up for worthless services for which they get billed $9.99 a month. Another type lures them into doing a survey to win a free iPhone or gift card. Instead, the attacker gets them to divulge payment card or other info useful for identity-theft scams. “Malicious attacks have exploded well beyond e-mail, and we are very aware of their move to mobile,” says Jacinta Tobin, a board member of the Messaging Anti-Abuse Working Group, an industry group combating the problem.

This approach is really just phishing using text messages. It’s significant, but not necessarily something that we should get particularly jumpy about. The same article recognizes that “hackers are repurposing skills honed in the PC world to attacks on specific mobile devices. Particularly, handsets using Google’s Android operating system are frequently the target of hackers.” What is missing in the article is a recognition that text-based phishing can be made considerably more effective if an individual’s smartphone has already leaked considerable amounts of personal data to the attacker via a third-party application. This is the scenario we should be leery of.

Specifically: we can easily imagine a situation where a hostile application that has been installed on a smartphone acquires enough personal information that an attacker can engage in targeted spear phishing. By getting name, address, names of friends and family, places of employment, recent photos that are geotagged, and so forth, it is possible to trick individuals by text messages to ‘give up’ information. Moreover, by first compromising devices attackers can better target specific individuals based on how the phishermen have profiled device owners: they can be choosy and target those who would either be most vulnerable or best resourced. It’s the integration of two known modes of attack – phishing and compromising smart devices – that will be particularly devastating far in excess of either attack vector on its own.

Categories
Links

Papers on Android Mobile Malware

Android often receives high levels of criticism when hostile programs are found in its respective app stores. While anger is high, how prevalent is malware in Android markets? A series of papers, curated by Security Research Computer Laboratory at the University of Cambridge, examine just those questions. Go read them!

Categories
Aside Links

Self-Mutating Trojans Come to Android

Symantec is warning that the next generation of smartphone viruses has come:

Researchers from security vendor Symantec Corp. have identified a new premium-rate SMS Android Trojan horse that modifies its code every time it gets downloaded in order to bypass antivirus detection.

This technique is known as server-side polymorphism and has already existed in the world of desktop malware for many years, but mobile malware creators have only now begun to adopt it.

A special mechanism that runs on the distribution server modifies certain parts of the Trojan in order to ensure that every malicious app that gets downloaded is unique. This is different from local polymorphism where the malware modifies its own code every time it gets executed.

This is a clever means to avoid the rudimentary analysis systems that the major vendors use to ID malware. It’s also (another) indication of how important antivirus is going to become for the mobile marketplaces. I suspect that, by the end of the year, a lot of users (on iOS, Android, and the rest) are going to wish that the post-Steve Jobs smartphones on the market today met Jobs’ initial thoughts regarding smartphones when Apple released the iPhone. Specifically, he held that:

He didn’t want outsiders to create applications for the iPhone that could mess it up, infect it with viruses, or pollute its integrity

While our pocket computers are better now that apps are available, I can’t help but think that Jobs’ earliest worries are now looming at today’s potential nightmares.