Mobile malware: Malware on the Go, Part 1

Posted In Info - By K.C. On Sunday, July 15th, 2012 With 0 Comments

Introduction

Malware is reaching everywhere nowadays: the Flashback trojan hitting Macs, the super virus Flame for Windows, and of course the exponential increase (in the past year) in malware for our favourite mobile platform, Android! I admit the last one is pretty surprising, but true.

It won’t be uncommon to see your latest, top-of-the-line phone with a gigahertz processor getting infected like a PC, or maybe not! The latest trend shows that Android malware has been acting discreetly. The majority of existing Android malware is very obvious in its intention to provide some kind of benefit, usually financial, to the attacker. The best examples of this are the SMS Trojans that send SMS messages to premium-rate service numbers. Even Symbian is quite susceptible to malware attacks, whereas iOS devices only attract malware when jailbroken. Windows Phone 7 seems safe so far. We will mostly focus on Android malware in this article, as it is the new black.

What is mobile malware?

Mobile malware gains access to a device for the purpose of stealing data, damaging the device, annoying the user, and so on. The attacker either tricks the user into installing the malicious application or gains unauthorized remote access by taking advantage of a device vulnerability.

History of mobile malware

The first instance of a mobile virus occurred in June 2004, when it was discovered that a company called Ojam had engineered an anti-piracy Trojan virus into older versions of their mobile phone game Mosquito. This virus sent SMS text messages to the company without the user’s knowledge. It was removed from more recent versions of the game; however, it still exists in older, unlicensed versions.

In July 2004, computer hobbyists released a proof-of-concept mobile malware named Cabir. The worm attempts to spread to other phones in the area using wireless Bluetooth signals.

In March 2005 it was reported that a computer worm called Commwarrior-A had been infecting Symbian Series 60 mobile phones. This worm replicates itself through the phone’s Multimedia Messaging Service (MMS). It sends copies of itself to other phone owners listed in the phone user’s address book.

In August 2010, the first malicious program classified as a Trojan-SMS, named Trojan-SMS.AndroidOS.FakePlayer.a, was detected on the Android platform. It has already infected a number of mobile devices. It sends SMS messages to premium-rate numbers without the owner’s consent, which can rack up huge bills.

Since then, there has been no stopping the growth of malware for mobiles.

By the beginning of 2005, the main types of mobile malware had evolved:

1. Worms that spread via smartphone protocols and services

2. Vandal Trojans that install themselves to the system by exploiting Symbian design faults

3. Trojans designed for financial gain

Why attack Android?

Popularity of the platform: Android has about 300 million users (40-50% market share) with 85,000 activations per day, which provides a great market size for malware. It accounts for 65% of the total mobile malware. Initially, malware mostly targeted Symbian due to its popularity, but that is now declining.

Cabir’s author: “Symbian could be a very extended operating system used in mobile phones in the future. Today is the more extended and in my opinion it could be more yet (M$ is fighting too for being into this market too).”

There must be well-documented development tools for the platform. Android, which uses Java in its apps, has one of the best developer guides and documentation sets.

Cabir’s author: “Caribe was written in c++. Symbian/nokia is giving us a complete sdk for developing applications for symbian operating system.”

The presence of vulnerabilities or coding errors. Android, based on the Linux kernel, is open source and also gives great flexibility in programming with its APIs, which makes it favourable to malware authors.

Credits: Wikipedia, Securelist
Part of my article in The Hacker News Magazine
