Compound attacks identified as the next mobile threat

News by Dan Raywood

A compound threat that uses multiple attack vectors has been named as the new main mobile threat.

A compound threat that uses multiple attack vectors has been named as the new main mobile threat.

According to AdaptiveMobile, the compound threat uses multiple attack vectors (SMS/MMS/email/web/voice) to compromise different aspects of a handset simultaneously. In its 2011 Global Security Insights in Mobile report, AdaptiveMobile examined examines the risks that mobile users face and identified four types of compound threat that have so far surfaced: advanced mobile malware; converged messaging spam; IP reputation; and credit attacks.

Advanced mobile malware is described as one of the most dangerous types of compound threats to emerge to date, as it monitors users' access to banking sites and harvests login details through a combination of routes. Converged messaging spam are simple attacks where the user receives an SMS prompting a reply in response.

IP reputation threats involve devices sending email spam over mobile networks, resulting in mobile devices becoming infected with PC malware that impacts the IP reputation of the operator's network. Credit attacks are threats that seek to trick or stealthily make the subscriber dial a premium rate number.

The report claimed that these new breeds of compound threats are intelligent and built to go unnoticed for as long as possible and as such, mobile security is rising in prominence as a business issue, with threats starting to have more serious consequences for network reputation, performance and subscriber trust.

Gareth Maclachlan, COO of AdaptiveMobile, told SC Magazine that at the end of last year it was talking about doing early analysis and the rate of change with mobile viruses, and the purpose of the report was to analyse the traffic being processed by Tier 1 providers.

Maclachlan said: “There is a nasty emergence of compound threats, we have seen a stock change from simple style attacks using one vector, to threats that try to send a piece of malware to attack multiple actions on a phone to get the phone to become part of a spambot.”

He explained that with the Zeus banking Trojan, banks are working against it by employing secure authentication mechanisms. However with a mobile phone, an SMS message will be sent to a user to download a security update and in fact it will install a mobile virus that passes an authentication code back to the attacker.

Asked if this was representative of predictions made about 2011, Maclachlan said that he knew that operators are taking this seriously, as one operator had lost $1 million after refunding customers who had received a fake message asking them to call a number that charged them $4 a minute.

“The operator paid for this but it took a month to realise this. We are seeing people following the money and this environment is a source of potential illegitimate gain,” he said.

“The more that operators are responding to threats and the security of the network itself, they are developing security in the cloud as that can determine threats, but the malware is designed to be stealthy. It is all trying to steer clear of the radar and the best place to look is in the network. It is more efficient to filter at the operator level, as it is almost impossible (for the end-user) to identify whether a call is legitimate or driven by an application without user permission.

“With the next generation of attacks continuing to emerge so does the need for an intelligent approach to mobile security, keeping the industry one step ahead of the criminals to ensure that such threats do not reach mobile users in the first place.” 


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews