Mobile Malware

Malicious software commonly referred to as “malware” mainly targets desktop PCs. But cybercriminals are increasingly setting their sights on smartphones and other mobile devices. The increasing sophistication of malware and the ubiquitous, ‘always-on’ nature of subscriber devices puts the risk of infection whether on the mobile operator’s own network or via a roaming network beyond their control.
The first virus capable of infecting mobile devices without needing a PC to transmit itself was discovered in the summer of 2004, when the Cabir worm began affecting phones running the Symbian operating system (the dominant platform at the time). Although essentially harmless, it proved that mobile devices are not immune to viruses and opened the door for more dangerous malware in the years following. The first confirmed malware affecting Apple iPhones appeared in late 2009. Malware for Google Android devices began to appear in Chinese app markets in late 2010.
Google’s Android platform has become a larger target for mobile malware writers than Apple iOS. The relative vulnerability of Android vs. iOS comes down to the level of control the vendors have over products and the marketplace for development and distribution of apps. Unlike Apple, which only provides authorized apps through its own App Store, Android follows a laissez-faire philosophy whereby apps are available from a wide variety of sources beyond Google’s official Android Market and anyone can post an Android app to any app market without it being subject to security verification. When an app is made publicly available, anyone can download and install it. In 2011 alone, Google removed more than 100 malicious applications from its app store. However, Google hasn’t always acted in a timely manner to prevent infections.
Mobile threats have not yet broken the device’s security model but are instead more focused on for-pay texting scams or stealing personal information. The most successful mobile malware tactics, including scams, spam and phishing, are classics that dominated the threat landscape when malware first moved to the web. These device-agnostic, easy-to-deploy attacks provide a natural crossover point for cybercriminals that are interested in launching attacks against mobile devices.

Examples

Malicious application is a malicious software that targets mobile phones or tablets. Two types of malicious programs are known to affect mobile devices: Worms and Trojans.
Worms’s main objective is to reproduce and spread to other devices so that it can be copied endlessly.
A Trojan usually appears in seemingly attractive and harmless applications that are downloaded to the device and executed by the user. When activated, the malware can cause tremendous damage by infecting and deactivating other applications or the phone itself, rendering it unusable. Usurpation data (spyware) syncs with calendars, email accounts, notes, and any other source of information before being sent to a remote server.

Mitigation

Mobile Device Management. Main focus of the companies to prevent malware is to take control of the mobile devices and their applications. Mobile device management includes a range of products and services that let IT managers prevent malware and manage other risks, such as lost or misplaced devices and improper employee behavior.
Inform users about mobile risks. A mobile device is a computer and should be protected like one. Users must recognize that applications or games could be malicious, and always consider the source. A good rule of thumb: if an app is asking for more than what it needs to do its job, you shouldn’t install it.
Establish and enforce policies. Companies must develop acceptable use policies, provide VPN technology, and require that users connect through these secure tunnels. If a device does not comply with security policies, it should not be allowed to connect to the corporate network and access corporate data. IT departments need to communicate which devices are allowed. And you should enforce your security policy by using mobile device management tools.
Prevent jailbreaking(root). Jailbreaking(root) is the process of removing the security limitations imposed by the operating system vendor. To “jailbreak” or to “root” means to gain full access to the operating system and features. This also means breaking the security model and allowing all apps, including malicious ones, to access the data owned by other applications. In brief, you never want to have root-enabled devices in your company.
Anti-malware. Make sure all your mobile devices are protected by anti-malware software.