An ethical hacker's view on mobile malware and how to stop it

By Jaime Blasco, head of labs, AlienVault, Network World |  Security, mobile malware

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.

As our mobile handsets become more than just a way to make and receive phone calls their appeal to criminals increases. Mobile malware, once theoretical, is now very much a reality and a growing threat.

For the business user that accesses the corporate net for email, compromised devices can give criminals access to data that can prove lucrative in the right hands. For VIPs it could be a little more personal, as the smart devices broadcast their locations via GPS. Even for the man on the street, with the introduction of mobile payments apps, there's more to lose than just contact lists and photos.

DIRTY DOZEN: Most vulnerable smartphones

IN PICTURES: 12 'White Hat' hackers you should know

Malware on smartphones is used by criminals to make money. They steal information (contact details, emails, personal data or even financial information; they hijack browser sessions), interfere with online banking transactions and circumvent one time password (OTP) security procedures, or even send SMS messages to premium-rate numbers.

A worrying trend: Attacks are increasingly targeted at executives due to the valuable data they're carrying on their phones. Using a combination of SMS and social engineering tactics, hackers can spoof the phone number of a friend or a colleague to send an SMS asking the victim to click on a suspicious link, opening up the phone to attack.

To prevent malware spreading the mobile operating systems are pursuing a number of approaches. Apple and BlackBerry, for example, have introduced security protocols in tandem with a meticulous acceptance process for apps offered via their stores.

Originally published on Network World |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question