There have been over 1,000 instances of Android malware found this year and the rate of growth has nearly doubled since July. Smartphone are increasingly becoming targets for malicious hackers because they are filled with rich data, tied to payments processing services and typically have less security than a personal computer. You thought 2011 was the Year Of Mobile Malware? Wait till you see 2012.
Mobile security firm Lookout has made six predictions for the trends of mobile malware in 2012. Some are rooted (no pun intended) in some of the emerging trends in the latter half of 2011 while others are new and potentially harmful evolutions that could engulf users in a stream of spam, viruses and malware.
Lookout breaks mobile malware into to driving factors:
Profit from infection: how much money can the malware industry extract from infected devices.
Cost of infection: how easy is it to distribute malware.
The second factor informs the first. Malware makers, mobile or otherwise, want to find the easiest route to your wallet. The easier it is to do, the more they will produce. The path of least resistance to rich data that can be monetized or exploited.
Lookout’s predictions fall within one of these two camps.
Profit From Infection
Mobile Pickpocketing [SMS/call fraud] – And you thought direct-to-carrier billing was safe. The recent trend, including 22 applications removed from the Android Market last weekend, has been to lure users into apps that will charge money through text messaging and calling of premium services. GGTracker was one of the first to surface in June 2011. The most recent attack was called RuFraud. As SMS malware is the easiest tie-in to payments infrastructure, Lookout expects to see this trend grow in 2012.
Botnets Come to Life — The first example we saw of malware makers trying to create mobile botnets was with DroidDream attack that launched the Year Of Mobile Malware in January and February. Another botnet aimed at mobile devices was Geimini. Mobile botnets have not been fully deployed but that does not mean that the malware makers do not have the capability in their pockets. Lookout says that 10 families of botnet-like systems were discovered in 2011, with that number expected to grow in 2012.
Vulnerable Smart Devices — Lookout says that nearly every Android smartphone available in the wild has some kind of security hole in it. Complex systems have security bugs, which have been found in both Android and iOS. DroidDream took advantage of two Android vulnerabilities while the PDF security hole in iOS was well documented. This principle really involves any type of computing device that runs an operating system from Max OS X and iOS, to Windows, BlackBerry, Android, Linux etc. Knowing that security holes exist everywhere is a reminder to keep yourself safe.
Cost Of Infection
Automated Repackaging — Piracy is a problem for mobile app developers, especially on Android. The pirates are not only taking money out of developers’ pockets but also consumers when repackaged apps are loaded with nefarious permissions and malware. The recent RuFraud apps were an example of repackaged games loaded with malware. This is an example of minimal work for hackers that has the potential for massive gain as it is not difficult to repackage apps in the Android Market and release them into the wild.
Malvertising — Malvertising has been one of the banes of Web for years and it is starting to go mobile. Malvertising is when there are genuine looking ads that link back to fraudulent sites that can download malware to a device. It has long proven a decent attack vector for malware makers and Lookout expects it will increase on mobile.