Mobile the new malware frontier

Not having anti-virus software on your smartphone is a common mistake. In fact, some surveys have estimated only 5 per cent of smartphone users are using mobile antivirus software.

However, the threat landscape has now evolved to include a number of malware families which are specifically designed to target smartphone devices.

Security provider Sophos estimates there to currently be more than 2,000 pieces of mobile malware operating on any given day. In its latest Mobile Security Threat Report, Sophos pinpoints the myriad ways smartphone users can become victims of an attack. Namely, when a smartphone is compromised by malware, it can illegally watch and impersonate you, participate in dangerous botnet activities, capture your personal data, and steal you money.

Indeed, as Michael McKinnon, Security Advisor at AVG points out, monetisation is at the very core of the threat landscape. “The antivirus industry wouldn’t have evolved if all viruses were benign, and people weren’t actually trying to steal money from you,” McKinnon tells Dynamic Business.

He also believes that remarks around internet security being a ‘war’ of sorts are unhelpful. It’s better users think of security as simply a consequence of digital life – much like locking all the doors to your house, its time users start viewing their mobiles as another door.

McKinnon points out that apps in particular can be a weak spot for users.

“I think the expectation is that when you download an app, and it’s asking you to share information, you just assume it’s secure. You don’t have the benefit of being in a web browser where you can see the padlock and the green URL bar. With a mobile app – many assume the app would be secure, but unfortunately a lot of app developers haven’t been acknowledging security best practice.”

Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender also weighs in that despite many pieces of malware being easily detectable, the fact that a mobile user doesn’t have any anti-virus software installed makes them vulnerable. Botezatu also adds that it boils down to how an individual uses their phone.

“If you’re just using your phone for really basic things, like Facebook, Twitter, mail, sending sms messages, and standard browsing for example, the chances are you’ll be safe. But if you’re curious and go beyond that, you won’t be,” he says.

A Bitdefender analysis of 836,021 free Android apps recently revealed that about a third can access a user’s location, while almost one in 30 can leak users’ e-mail addresses and even more can read contact lists, access photos or read browsing history.

“Once this data is accessed, the phone’s owner has no control over who sees it and how it is used. Modern mobile phones are less of a phone and more of a mobile computer. The unchecked use of apps can pose serious risks to a user’s privacy,” Catalin Cosoi, Chief Security Strategist at Bitdefender says.

Related Stories