Mobile Tech Gives Malware Makers Much Bigger Playground for Mischief
Sep 4, 2012 12:21 PM PT
Twitter-controlled mobile botnets and mobile ransomware are a few examples of what's in store for Internet users in the coming months and years, according to the second-quarter McAfee Threats Report.
In general, mobile tech has emerged as a major vector for hack attacks, with many that might once have been aimed at PCs now focused on other devices. For example, drive-by downloads became a problem for Android this quarter with Android/NotCompatible.A.
Drive-by downloads are similar to drive-by installs on a desktop -- all one has to do to get one is visit an infected site using a mobile device.
Mobile devices have been a key threat for some time -- particularly as more and more of these are entering not just the personal but also the workspace, Steve Durbin, global vice president of the Information Security Forum, told TechNewsWorld.
Android Drawing Arrows
Google's Android OS continues to be a major target, the McAfee report found. Almost all of the new mobile malware detected in the second quarter was aimed at the Android platform in the form of SMS-based malware, mobile botnets, spyware and Trojans.
The threat extends beyond Android to most other mobile devices, however, said Durbin, who pointed to the growing Bring Your Own Device to work trend as a factor contributing to the spike in attacks.
Mobile devices were "never designed to be secure work tools," he said, and their use in the workplace "does not come without its risks."
Still, the interests of malware aren't confined to the mobile space.
New opportunities for hackers continue to mount on all platforms, especially when a variety of strategies are combined -- such as with mobile ransomware, which is malware that restricts access to a computer system and demands a "ransom" in order for the restriction to be removed.
New methods for controlling botnets -- such as via Twitter -- are also gaining momentum. An attacker can tweet commands that all infected devices will follow.
The ability of cybercriminals to make use of mobile malware to launch attacks on both individuals and enterprises is particularly worrisome, observed Durbin.
"The combination of attack vectors, along with the access to devices and an increased level of sophistication on the part of the hacker, hacktivist or criminal, are no longer the stuff of science fiction and dreams," he said. "They are the reality facing security departments the world over, and the impact of such attacks stretches far beyond technical inconvenience to having far-reaching impact on brand, reputation, business effectiveness and ultimately shareholder value."
Thumb drive and password-stealing malware showed significant growth in Q2, McAfee also reported. The AutoRun worm, for example, spreads from thumb drives by executing code embedded in AutoRun files. It then repeats the process on any drives discovered. Password-stealing malware collects account names and passwords, thus allowing an attacker to act as the victim.
The former in particular -- thumb drive malware -- will be a problem for companies, Robert Siciliano, CEO of IDTheftSecurity.com, told TechNewsWorld.
"Business PCs and thumb drives go hand in hand," he said.
What is most worrisome is the sheer volume of attacks, added Siciliano. Not only do they show no sign of abating, but in this latest report they have made a significant increase.
"McAfee Labs detected a 1.5 million increase in malware since Q1 2012," he said.