Editor’s note: Symantec highlights mobile device users of malware threats and the various types of mobile device malwares. Read about the news below as well as Symantec’s blog post.
With Mobile World Congress happening right now, smartphone and tablet innovations are set to become a reality over the next 12 months. However, as mobile manufacturers and app developers have upped their game each year, so too have malware authors. Symantec discovered an average of 272 new malware variants and five new malware families per month targeting the Android mobile operating system in 2013. These threats have taken aim at mobile devices in several ways, such as by attempting to steal personal and financial information, track users, send premium rate SMS messages, and display intrusive adware.
More information is available in this Symantec Security Response blog here:
We have seen some notable threats that could pave the way for what’s next in mobile malware:
More aggressive financial Android threats
Consumers have been increasingly turning to their smartphones and tablets in order to do their online banking or shopping.
Along with accessing banking apps, mobile devices can be used for two factor authentication (2FA) processes. Once the user tries to log into their online bank account on a computer, a code gets sent to their mobile device, which they can input onto the banking site to verify their identity.
Attackers have caught onto these methods and have developed Android malware to steal these 2FA codes. Threats such as Android.Hesperbot and Android.Perkel intercept SMS messages with 2FA codes and send them directly to attackers. They can also either steal other banking credentials or work with other computer-based threats to compromise victims’ accounts.
Increasing stealth – Android bootkits
Bootkits are used in advanced threats to typically target Windows computers. These threats operate deep within the operating system, usually infecting the computer’s startup code, such as the Master Boot Record, allowing the malware to execute before the operating system starts up. These forms of threats let an attacker maintain persistence on the compromised computer and hide certain processes from detection. As a result, bootkits can be tricky to deal with, as their components are protected by rootkits or other stealth features. Symantec offers Symantec Power Eraser, Norton Power Eraser, or Norton Bootable Recovery Tool to remove these types of threats on computers.
New routes onto the handset
Android malware typically relies on tricking users into installing a malicious application from an Android marketplace. Increased screening of applications is making it more difficult for attackers to get their malicious apps onto the marketplace. Attackers are instead starting to use desktop computers as a vehicle onto Android handsets, leading to the birth of hybrid threats.
To avoid this threat, users should be wary of connecting their mobile device to untrustworthy desktop computers and ensure that they have security software on both their desktop and mobile devices.
Of course, desktops may not be the only medium involved in these hybrid threats. As the Internet of Things becomes a reality, it’s likely we’ll see threats attempt to use mobile devices to infect home automation systems and vice-versa.