History of Mobile Malware (part III)
mobilesecurity.com [London, UK] In the final instalment of our ‘history of mobile malware’ series, we take a look at the most prevalent threat for smartphone users today - the rise of Android malware.
Launched in 2008, Google’s Android operating system didn’t boast a big enough user-base to attract virus-writers in its first two years, but by 2010 its potential as a platform for malware was clear. Android simply wasn’t as secure as Apple’s iOS operating system. Google’s open model made it possible for a range of app stores, some illicit, to operate, and made it easy for malware to use social engineering methods to propagate. It was even possible to smuggle malware onto Google’s own Marketplace store; difficult in Apple’s more carefully controlled ecosystem.
The first Android Trojan, AndroidOS.DroidSMS.A was a classic SMS fraud app, emerging in August 2010. In the same month, another Trojan was discovered in the game TapSnake, with this one transmitting the GPS location of infected phones. Meanwhile the notorious FakePlayer app was allowed to spread under the guide of a Movie Player app. It wasn’t the most effective video player, but it did a marvellous job of sending SMS messages to premium numbers.
By the end of 2011, Android had overtaken Symbian and J2ME to become the lead platform for mobile malware. While iPhone users hadn’t been entirely protected, the most serious threats only affected Jailbroken iPhones. Android threats, however, were only becoming smarter. Backdoor malware was allowing hackers to take control of infected devices, while Android spyware was stealing user-date and information that would make devices even more vulnerable. The NickSpy Trojan even went so far as to record owner’s phone conversations and upload them to a remote server, while variants added text messages. Call data, GPS coordinates and photos to the package.
2011 also saw the first mobile Man in the Middle attacks hit the Android, Blackberry and Windows Mobile platforms. Working in conjunction with the successful Zeus PC Trojan, ZitMo (Zeus-in-the Mobile) worked to gather information, such as mobile authorisation codes, from smartphones that could then be used with data gathered from the user’s PC to access bank accounts.
While Google has done much to beef-up Android security, Android’s huge market-share (70 per cent of smartphone sales in Q4 2012 according to Gartner) guarantees that it will be the leading malware platform for the foreseeable future, particularly as its share of the tablet market develops to match.
The question is: what threats are coming, and what will the world’s security experts do to repel them? That’s a question we’ll look at in a later series of articles: The Future of Mobile Malware.