This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

F-Secure and Nokia join forces to fight mobile malware

Share this article:

The surge in mobile malware is driving F-Secure to pool resources with Nokia's software development division.

F-Secure and Nokia join forces to fight mobile malware
F-Secure and Nokia join forces to fight mobile malware

The steady rise of mobile malware - against the backdrop of the six-year-old hardware industry of smartphones and tablet computers - has led security vendor F-Secure and the software architecture division of Nokia to pool their respective resources.

The rise in mobile malware has been documented by Alcatel Lucent's Kindsight Security Labs research division, which reports that there were 11.6 million mobile devices worldwide infected by malware at any given point during the fourth quarter of last year. The report also notes that actual mobile device malware infections rose by a solid 20 per cent during 2013.

The link-up between F-Secure - whose security business drives the security services of many ISPs worldwide - and Nokia Solutions and Networks (NSN) will help mobile handset and tablet vendors develop integrated anti-malware and security software for products.

Whilst smartphones and tablets now have a wide range of security software - as is the case with desktop machines - malware can still attack at the BIOS or firmware stages, and so compromise the platform before the machine's security software kicks in.

Both firms have not revealed their exact plans for the link-up, but some form of on-device firmware security - similar to that seen on Intel processors, seems likely.

Alcatel-Lucent's Kindsight report, meanwhile, documents the massive scale of mobile malware infections, noting that 60 per cent of all mobile infections originated from the Google Play Android app store last year.

Interestingly, the report also found that 40 per cent of Android infections were side-loaded from a connected host Windows laptop.

Kevin McNamee, Kindsight Security Labs' director said that criminals traditionally go after low hanging fruit.

“Not only is Android the largest smartphone market, unlike the iPhone and Blackberry, it allows apps to be loaded from third party sites. This provides cybercriminals with an un-policed mechanism to distribute their malware which can easily evade detection by device-based anti-virus," he said.

Kindsight's analysis says that 2013 was the year that saw mobile spyware turn infected smartphones and tablets into cyber-espionage devices. These infected devices, says the report, allow hackers to remotely track location, download contact lists and personal information, intercept and send messages, record conversation and take pictures.

Matt Graham, a technical consultant with Manchester-based Apadmi told SCMagazineUK.com that the linkup between F-Secure and Nokia's software arm - as well as the Alcatel-Lucent report - clearly indicates that Android users need to take care when installing apps and connecting their devices to a PC.

"A user is always in full control of which apps are installed on their phone and should be vigilant," he said, advising that users should only install apps from the official app store for their device, as well as examine the permissions an app is asking for, whilst installing the software.

In addition, Graham advises not connecting an Android device to a Windows PC with the device in development mode, nor should they connect their mobile to a public charging station.

Etay Maor, fraud prevention manager with IBM's Trusteer Web security operation, said that mobile malware authors are in a unique position where they do not need to reinvent the wheel in terms of attack patterns and techniques.

"While we have yet to witness a mobile equivalent to a PV Man-in-the-browser malware, cybercriminals are already adapting techniques that proved profitable from the world of online fraud," he said.

Michael Sutton, VP of security research with cloud security specialist Zscaler said though that mobile malware is still in its infancy in terms of sophistication and volume, when compared to their desktop equivalents.

"Part of that is driven by time, with PC malware having been around for decades, but a more important reason has to do to with the App Store ecosystem. The vast majority of mobile malware exists on the Android platform, due to it's more open nature.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Poor admin passwords allow global botnet attack

BrutPos or @-Brt attacks have infiltrated POS systems with botnets largely thanks to weak admin passwords.

UK government criticised for opposing 'right to be forgotten'

UK government criticised for opposing 'right to be ...

The British government has been criticised by the president of a leading UK data protection professional body for trying to water down the 'right to be forgotten' privacy protection now ...

NCA partners with FBI, Europol to disrupt Shylock Trojan

NCA partners with FBI, Europol to disrupt Shylock ...

The UK's National Crime Agency has been working with the FBI and Europol to disrupt the infrastructure behind Shylock Trojan, malware which siphons money from European bank accounts.