2011 has been a busy year. It had its ups and downs and lots of casualties on the cyber security side of things. And why not? The transition of cyberpunks from PC to mobile devices was an easier process than expected. And it’s not just cyberpunks. Even legitimate companies such as Carrier IQ, the provider of Mobile Service Intelligence Solutions for the whole of the wireless industry, eavesdrop on what you’ve been doing online with and key loggers that make consumers skin crawl with creepiness.
Protecting the mobile ecosystem
When we talk about mobile, the first thing that normally comes to mind is the ongoing battle between two of the biggest names in the industry; Apple and Android. Among the many marketplaces today, the Android Marketplace and Apple Appstore do a spectacular job in banning applications when needed.
Android bans applications primarily on the basis of breach privacy, security and business relations. Examples of these apps include: the furtive SMS replicator that once installed into someone else’s smartphone, forwarding all of that person’s text messages to the planter’s phone; Golddream, which surreptitiously make calls using someone else’s phone without the owner’s knowledge; and GG Tracker, which subscribes a victim to premium services that will run up the victim’s charges.
Even mobile games such Angry Birds are becoming a popular guise for malware as they pretend to be Angry Birds add ons. We also have rogue code called Plankton, which has the ability to remotely access a command-and-control [C&C] server for instructions, and upload additional payloads. Skype for Android also takes a chunk of the malware heartache as the vulnerability of the app exposes user information. In March, the Android Market banned 50 apps containing Droid Dream which is considered the “mother of all Android malware.” In the same month, after the Android Market suffered from Android.Rootcager, it released an Android Market Security Tool that was supposed to fix the problem but it ended up taking another blow, as a fake version makes its way through third-party marketplaces. These marketplaces indeed threaten security. From Lookout:
“While these markets serve a legitimate need for localized apps, they also host pirated and repackaged apps. Nearly 11% of the apps also available on the Android Market were found to be repackaged and likely submitted by someone other than original developer.”
Apple, on the other hand, leans much towards banning as part of its competitive business methods. Sometimes apps are banned if they compete against Apple’s own offerings, such as Google Books.
Android maxes out on malware
Android, being the most pervasive mobile OS on the planet, tops the malware hit list and the intrusion is usually carried out through stealth attacks. Even NFC and Mobile Wallet tech, of which Google is a strong proponent, merely encourages hackers and malware makers. Its market share is expected to go up from $170 from 2010 to $630 billion in 2014. QR codes have become portals for malware opening to your smartphone, and it can be tampered with as well. In fact, much of McAfee’s Mobile Threat Predictions for 2011 turned out to become real threats. No wonder security companies are getting huge amounts of funding to bulk up security. AVG, for example, got $235 million this year.
What you can do to stop malware
It’s true that mobile malware is on the rise but there are things that you can do in order to reduce the chances of you getting them. Here’s an infographic from BullGuard detailing to let you understand how malware works, how you get them and what you can do to avoid them. Lookout also released its predictions for mobile malware threats in 2012 using big data. Web and mobile policies and proposals are getting a lot of attention during the RSA Conference 2011 in February.