Mobile Device Security Threats Attract Cybercriminals


Mobile device platforms have become the latest and greatest attack point as mobile device security threats rose to new heights in 2010's fourth quarter and will continue into 2011, security researchers said.

According to the McAfee Threats Report: Fourth Quarter 2010, a growing number of security threats to mobile platforms are emerging as pieces of new mobile malware increased by 46 percent from 2009 to 2010. The report notes that as more consumers use mobile devices and tablets for personal uses and business, cybercriminals have caught on. McAfee Labs said it's seen a steady incline in the number of mobile device security threats.

"The reason mobile devices have become such a big attack space is because they're being used for so much," Adam Wosotowsky, principal engineer at McAfee Labs, told CRN.

In the fourth quarter, the main mobile device security threats were the high-profile SymbOS/Zitmo.A and Android/Geinimi, a Trojan inserted into legitimate mobile apps and games on the Google Android mobile platform.

Wosotowsky said that mobile device security threats are starting to emerge in greater numbers as cybercriminal have started finding ways to make money off of them, whether through malicious apps, mobile device-based e-mail phishing scams or putting spyware onto devices to access mobile banking details or other personal information

"For a while the difficult thing to do was to make money off of mobile malware," he said.

And it appears that Google's Android mobile platform has become a prime target, more so than its mobile OS counterparts from Apple and RIM BlackBerry. Android has bubbled to the top because it has looser restrictions on developing and building applications for the platform.

"In the case of Android, it's a lot easier to write an application to it," Wosotowsky said.

At the 2011 Kaspersky Americas Partner Conference last week, Kurt Baumgartner, senior security researcher for Kaspersky Labs said that as the mobile arena grows, exploits and spyware are being aimed at the Android platform.

"Really clever people are trying to force spyware onto the Droid," he said.

Baumgartner said the consumerization of IT has led to users leveraging the same device for personal and business tasks, which whets an attacker's appetite.

"Around mid-2010 was saw increased effort in exploiting software on Android to deliver payloads," he said. "It increases the risk of users interested in using it as a business and personal device."

NEXT: Malware On The Rise, Spam On The Decline

Along with the increase in mobile device security threats, McAfee's recent security report also found that malware is on the rise elsewhere, but the type of malware changed in 2010's fourth quarter, with threats more closely matching certain user habits and events specific to a region.

Overall, McAfee uncovered 20 million new pieces of malware in 2010, equating to nearly 55,000 new malware threats each day. Of the 55 million total pieces of malware McAfee Labs has identified, 26 percent of it was created last year.

And while malware rose, spam e-mail hit its lowest levels in years -- representing 80 percent of total e-mail traffic in the fourth quarter of 2010, its lowest since the first quarter of 2007. Wosotowsky credited the massive drop in spam e-mail to a transition period -- or calm before the storm -- as several botnets went dormant during the holiday season when spam e-mail volumes are usually on an upward path.

Additionally, McAfee found that the increase in the types of devices that access the Internet, like tablets, smartphones and Internet TV devices, has lead to more Web-based threats and those threats will continue to grow in size and sophistication as the number of devices increases. Threats like Zeus-Murofet, Conficker and Koobface grew at a rapid pace, while phishing URLs in the form of the IRS, gift cards, rewards and social networking accounts also grew in popularity.

Cybercriminals also leveraged popular search terms to carry out their attacks. McAfee found that within the top 100 results of the top daily search terms, 51 percent led to malicious sites and on average each of poisoned results page had more than five malicious links that would perform a drive-by download. McAfee said those types of techniques and search engine abuse will likely continue into 2011.

Adobe products, too, continued to be a major malware distribution medium for cybercriminals in 2010, as malware developers exploited weaknesses in Flash and PDF technologies. Adobe attacks will also continue to evolve and grow, as more devices support Flash and PDFs, Wosotowsky said.