Viruses and other malware have long been a threat to computers only. But as smartphones become too smart for their own good, the bad guys are targeting them more and more with viruses.
And as has already happened with computers, the smartphone assault is expected to be led by cybercrimimals aiming to turn a profit.
Just last week, security experts discovered what they say is the first Trojan malware virus directed at smartphones running Google’s Android operating system. Security vendor Kaspersky Lab said the Trojan, named Trojan-SMS.AndroidOS.FakePlayer.a, had already infected a number of mobile devices.
Once installed on the phone, the Trojan begins sending text messages, or SMS messages, to premium rate numbers — numbers that charge a fee — without the owners’ knowledge or consent, taking money from users’ accounts and sending it to the cybercriminals.
Significant turn of events
This is a significant event, according to mobile security company Lookout Inc.
First, this is the first instance of a Trojan on the Android platform which, to date, has mainly been affected only by spyware, software that obtains information from a user's device without the user's knowledge or consent, and phishing attacks, a process used by cybercriminals to acquire a user’s personal information by masquerading as a trustworthy entity in an electronic communication.
Second, the motive behind this attack is profit, carried out through charges from premium-rate SMS messages, which may indicate a broader shift toward profitable cybercrime on phones, according to Lookout. And that means more sophisticated malware (malicious software) and more organized perpetrators, according to the company.
One of the reasons for that seems to be the proliferation of smartphones. More than 54 million smartphones were shipped worldwide in the first three months of this year, a 57 percent jump from a year ago, according to research firm IDC. It’s a fact not lost on cybercriminals.
According to Lookout, because smartphone use is becoming more widespread, the bad guys are looking at web browsing and the downloading of Web applications (apps) as two ways to attack Android handsets, iPhones, BlackBerrys and Windows Mobile smartphones and spread those malicious Web apps. Some of these viruses can harvest or erase stored phone numbers and text messages as well as retrieve information that can be used to disclose a user’s location.
And like the virus that affects Android smartphones, scammers have also infected smartphones running Windows to trigger premium-rate phone calls. Mikko Hypponnen, senior researcher at Finnish antivirus firm F-Secure, first discovered the virus, which begins by spreading infections via a popular 3-D game delivered as a Web app.
However, although some software security experts think smartphones are fast becoming the new target for hackers, according to Hypponnen there are currently only about 500 mobile phone viruses.
“There are more phones on the planet than computers. And it’s easier to steal money from phones,” said Mikko Hypponen, chief research officer at security firm F-Secure Corp.
Filling a crime void
According to F-Secure, the reason there haven’t been more mobile phone attacks is because Windows XP computers are still the easiest devices to exploit. The Windows XP operating system is still extensively used throughout the world although Microsoft no longer supports it.
But as XP disappears, the cybercrooks will begin looking to smartphones because it’s easy to make money exploiting them. As in the case of the Trojan attacking Android-based phones, users will be billed for charges they never authorized—money that will be go right to the criminals.
In a video interview recorded at the Black Hat USA 2010 conference in July, Hypponen said even though a smartphone running any operating system can be targeted, he thinks those running the iPhone, Android and Symbian operating systems will be the targets of choice for the criminals because they are the most commonly used. He said most of the attacks on smartphones are originating in Russia, South America, parts of Asia, and China.
Hypponen said so far attacks on smartphones have mostly involved tricking users into clicking on a link and divulging personal information. But he expects to see mobile smartphone worms, a form of malicious software, that replicate and automatically spread to everyone listed in a phone’s address book. Such a worm could spread an infection worldwide in only a couple of minutes, he said.
According to Lookout, there are some steps consumers can take to stay safe:
- Only downloading applications from trusted sources.
- When downloading applications, users should always check the permissions the application is requesting. Users should use common sense to ensure that the permissions match the type of app they’re downloading.
- Downloading a mobile security application for a phone that scans every application downloaded.