Preparing for mobile emergencies
The industry who cried wolf
Recently a friend asked me to recommend a mobile anti-malware product for his use.
I am loathed to state any one product as the best, as I firmly believe that there are different products that are best for different people's needs. There cannot and should not be one product that is all things to all computer-using people.
As he is using a platform that has seen a lot of malware development, it is wise of him to start investigating using anti-malware products now. While malware on mobile devices is not yet an everyday affair like it is for Windows users, it's better to have your defences in place before an emergency.
All signs indicate that the day is fast approaching when these infections will be common. But security products exist today that can secure your devices and protect sensitive information.
In a previous article I noted my surprise at how advanced anti-malware products are, right out of the gate. They did not begin as simple, single purpose security products, but as broad security suites that address the specific needs of smartphone users. Developers of anti-malware products are taking what they've learned about stealthy, financially-motivated malware, and applying this to a new class of product.
Not surprisingly, malware authors are not reinventing the wheel either. Rather than going through the various stages of malware that are typical of exploring new operating systems, malware is jumping straight away to modern and sophisticated techniques.
According to a recent report by Juniper Networks, the Android app marketplace is becoming home to malware tactics that mirrors that which is commonplace for Windows malware; specifically, techniques for getting maximum bang-for-buck when your malware may only be on a system for a short while.
Other vendors' reports and anecdotal evidence also points to the surprising sophistication of mobile malware, including malware growing directly from well-known Windows-based malware families.
The Android app market is monitored such that objectionable apps can quickly be rendered inaccessible, however not before it may have hit hundreds of users. Malware authors have countered this by pumping out large numbers of packages so that people monitoring the Android marketplace are playing ‘whack-a-mole,' constantly swinging away at these threats.
Once these threats are on a user's phone, it's hard to tell just how many of these threats stay on the device or for how long. Events from this summer pushed Google to actively pull threats from affected Android devices. It's unknown if this was a one-time event or the beginning of a standard policy.
Currently backdoor and spyware type Trojans are the threats that are most similar to Windows malware and are being pushed right now. The spyware can surreptitiously swipe the usual financially valuable data, and the backdoors are primarily useful as a way to keep downloading new components or updated versions of the malware.
Premium rate SMS malware is also common, which is something akin to porn dialers, which were common some years ago. These threats are gaining privilege escalation by utilising vulnerabilities within Android operating system on devices where updates are not current.
Now is the time to get ahead of mobile malware by investigating smartphone security products. Third party test and reviews are becoming more plentiful, so you can stay informed on this new industry as it develops.
Lysa Myers is director of research at West Coast Labs