Mobile malware explodes, hits corporate networks

Jun 26, 2013 by Rob Lever
Illustration photo shows SMS text messages displayed on a a smartphone. Smartphone users have seen an explosion of malware in the past year, dominated by schemes targeting Google's Android operating system, a survey showed Wednesday.

Smartphone users have seen an explosion of malware in the past year, dominated by schemes targeting Google's Android operating system, a survey showed Wednesday.

The attacks are also starting to hit , possibly as part of broader espionage efforts, according to the Mobile survey.

The report showed a 614 percent jump in mobile malware in the 12 months to March 2013, with attacks accounting for 92 percent.

The prevalence of Android malware is not surprising in light of its dominance of the global smartphone market—around 75 percent—Juniper said the with less regulation makes it more prone to attacks.

"Android does not have as rigorous a vetting system" as rival platforms such as Apple's iOS and BlackBerry, said Karim Toubba, a Juniper vice president.

"But the reality is that all the operating systems have vulnerabilities."

Toubba said the dominant scheme to "monetize" the attacks involves SMS text messages which infect a smartphone and surreptitiously deliver new messages to a "premium" SMS service, for a fee.

These services, which mimic legitimate ones such as those for voting on , can charge small fees such as 10 cents or 50 cents. The hackers can quickly cash in by infecting large numbers of devices, and can easily shut down and set up new numbers to avoid detection.

Hugo Barra, Google VP of product management for Android, pictured at the Google I/O conference on May 15, 2013. Some malicious software gets into official channels such as Google Play, but third-party vendors have much more malware, a survey showed Wednesday.

"They can spin it down and leave no trace," said Toubba.

The typical SMS Trojan takes in a quick $10 for the , with profits multiplying as the schemes are repeated.

Many users are tricked into installing malware by messages or emails disguised as software updates.

Toubba said some gets into official channels such as Play and the Apple App Store, but that third-party vendors have much more malware.

"These marketplaces are popular targets which provide little to no review process," Toubba said.

Not surprisingly, the survey found many of these malicious apps stemming from sites in Russia and China.

Apple users who "jailbreak" their iPhones to use on unauthorized carrier networks often use these third-party networks because they may get locked out of the App Store.

Many users fail to even notice when their device is infected, because it may result in a charge of just a few cents on their phone bill.

Juniper found that more sophisticated attacks are starting to emerge, including those that create "botnets" to expand the infections, and other schemes which can be part of a broader corporate or government espionage effort.

"They can use the mobile device to do reconnaissance and go deeper into the corporate network," Toubba said.

This is particularly worrisome for companies which allow employees to use their own devices for corporate networks.

Juniper's report said it "saw several attacks that could potentially be used to steal sensitive corporate information or stage larger network intrusions."

"It is clear that the threat of mobile malware to corporate devices is no longer a theoretical one. We expect the presence of mobile in the enterprise to grow exponentially in the coming years," the report said.

Explore further: What metadata does the government want about you?

add to favorites email to friend print save as pdf

Related Stories

Staggering surge in Android gadget viruses: Juniper

Nov 16, 2011

The arsenal of malicious code aimed at Android-powered gadgets has grown exponentially, with criminals hiding viruses in applications people download to devices, according to Juniper Networks.

'Phishing' scams explode worldwide, researchers shows

Jun 21, 2013

Those insidious email scams known as phishing, in which a hacker uses a disguised address to get an Internet user to install malware, rose 87 percent worldwide in the past year, a security firm said Friday.

Cyber crooks cranking out new weapons experts warn

May 23, 2012

Cyber criminals are cranking out new weapons at a brisk pace, tailoring malicious software for a spectrum of gadgets including smartphones, tablets, and Macintosh computers, a security firm said.

Kaspersky warns phone users of PC-infecting malware

Feb 05, 2013

(Phys.org)—Kaspersky Lab has a new warning for smartphone and tablet users. Yes, it's all about Android. No, it's not like anything you've been warned about before. Lab Expert Victor Chebyshev has discovered ...

Cyber-security expert finds new flaw in smartphones

Feb 24, 2012

Just as U.S. companies are coming to grips with threats to their computer networks emanating from cyber-spies based in China, a noted expert is highlighting what he says is an even more pernicious vulnerability in smartphones.

Recommended for you

What metadata does the government want about you?

Aug 28, 2014

With the leaking of a discussion paper on telecommunications data retention, we are at last starting to get some clarity as to just what metadata the Abbott government is likely to ask telecommunications ...

To deter cyberattacks, build a public-private partnership

Aug 25, 2014

Cyberattacks loom as an increasingly dire threat to privacy, national security and the global economy, and the best way to blunt their impact may be a public-private partnership between government and business, ...

User comments : 4

Adjust slider to filter visible comments by rank

Display comments: newest first

dogbert
2 / 5 (6) Jun 26, 2013
These services, which mimic legitimate ones such as those for voting on TV programs, can charge small fees such as 10 cents or 50 cents. The hackers can quickly cash in by infecting large numbers of devices, and can easily shut down and set up new numbers to avoid detection.


Something I find hard to understand is that a scheme such as the above requires that the carrier (Sprint, Verizon, AT&T, etc.) charge your account for the SMS messages and then send the money to the thief. Since such messages are sent to a number which is not a phone number (e.g.: 9907), the carriers have to set up the numbers for the thieves and then send them the money. Why can't the carriers simply not set up the numbers, collect the money or send it to the thieves? When the money is sent to an account, someone owns that account. Why can't the owner be traced?
geokstr
2 / 5 (4) Jun 26, 2013
Dogbert, have you seen any stories, ever, about the Russians or Chinese cracking down on cybercrooks, unless it's hurting their countries, of course? I have a feeling that they look the other way if the victims are in the US, Europe, Japan, South Korea, et al. I wouldn't even doubt that some of it originates from their governments.
dogbert
1.8 / 5 (5) Jun 26, 2013
geokstr,
No, I haven't seen any country try to stop this. But why are our mobile telephone companies working with thieves?
evropej
1 / 5 (1) Jun 26, 2013
There is no reason the carrier would do anything since no one is complaining. Unless people start complaining about things like this, they will do nothing. The way you fix the problem is to patch the holes. There is a reason why Apple is so strict with applications. Being an open platform has its disadvantages. The same can be said for malware sites, why are they allowed to exist in DNS servers when they know its spreading infections? Its a big business, end users are at the wrong end of the deal.