Mobile malware

Mobile malware is malicious software that targets mobile phones or wireless-enabled personal digital assistants (PDAs), causing the collapse of the system and the loss or leakage of confidential information. As wireless phones and PDA networks have become more common and have grown in complexity, it has become increasingly difficult to ensure their safety and security against electronic attacks in the form of viruses or other malware. [1]

History

The first known virus that affected mobiles, "Timofonica", originated in Spain and was identified by antivirus labs in Russia and Finland in June 2000. "Timofonica" sent SMS messages to GSM-capable mobile phones that read (in Spanish) "Information for you: Telefónica is fooling you." These messages were sent through the Internet SMS gateway of the MoviStar mobile operator. "Timofonica" ran on PCs and did not run on mobile devices, so it was not true mobile malware. [2]

In June 2004, it was discovered that a company called Ojam had engineered an anti-piracy Trojan hack in older versions of its mobile phone game, Mosquito. This sent SMS texts to the company without the user's knowledge.

In July 2004, computer hobbyists released a proof-of-concept virus, Cabir, that infects mobile phones running the Symbian operating system, spreading via Bluetooth wireless. [3] [4] This was the first true mobile malware. [5]

In March 2005, it was reported that a computer worm called Commwarrior-A had been infecting Symbian series 60 mobile phones. [6] This specific worm replicated itself through the phone's Multimedia Messaging Service (MMS), sending copies to contacts listed in the phone user's address book.

In August 2010, Kaspersky Lab reported the trojan Trojan-SMS.AndroidOS.FakePlayer.a. [7] This was the first SMS malware to affect Google's Android operating system; [8] it sent SMS messages to premium-rate numbers without the owner's knowledge, accumulating huge bills. [9]

Currently, various antivirus software companies offer mobile antivirus software programs. Meanwhile, operating system developers try to curb the spread of infections with quality control checks on software and content offered through their digital application distribution platforms, such as Google Play or Apple's App Store. Recent studies, however, show that mobile antivirus programs are ineffective due to the rapid evolution of mobile malware. [10]

In recent years, deep learning algorithms have also been adopted for mobile malware detection. [11]

Taxonomy

Many types of common malicious programs are known to affect mobile devices:

In fact, with the increase in the creation of viruses and malware such as Trojan horses, camera crashing or camfecting issues are becoming quite common. [13]

Notable mobile malicious programs

References

  1. Mobile malware attacks and defense. Dunham, Ken. Burlington, MA: Syngress/Elsevier. 2009. ISBN 9780080949192. OCLC 318353699.
  2. "Mobile Phones Swamped by E-Mail Virus". ecommercetimes.com. 7 June 2000.
  3. Malware Goes Mobile, Mikko Hyppönen, Scientific American, November 2006, pp. 70-77.
  4. Richard Hantula (2009). How Do Cell Phones Work?. Infobase Publishing. p. 27. ISBN 978-1-4381-2805-4.
  5. "10 years since the first smartphone malware – to the day". eugene.kaspersky.com. Retrieved 2021-07-28.
  6. Computer Virus Timeline (infoplease.com)
  7. Android Virus Security Lab
  8. "Information about Smartphone Virus and Prevention tips". MyPhoneFactor.in. Retrieved 2013-01-12.
  9. "First SMS Trojan detected for smartphones running Android". Kaspersky Lab. Retrieved 2010-10-18.
  10. Suarez-Tangil, Guillermo; Juan E. Tapiador; Pedro Peris-Lopez; Arturo Ribagorda (2014). "Evolution, Detection and Analysis of Malware in Smart Devices" (PDF). IEEE Communications Surveys & Tutorials. 16 (2): 961–987. doi:10.1109/SURV.2013.101613.00077. S2CID 5627271. Archived from the original (PDF) on 2017-10-31. Retrieved 2013-11-11.
  11. Catal, Cagatay (2022). "Applications of deep learning for mobile malware detection: A systematic literature review". EBSCOhost Military and Government Collection. 34 (2): 1007–1032.
  12. "How to Remove an Android Virus". Latest Gadget. 2019-03-24. Retrieved 2019-07-15.
  13. "The Ultimate Guide to iPhone Repair: Common Problems and Fixes". 27 March 2023.
  14. "How to Track Phone Silently [2023 Guide] - Techie Maish". 2023-04-26. Retrieved 2023-05-16.
  15. "What Is A Backdoor and How to Protect Against It | Safety Detective". Safety Detective. Retrieved 2018-11-22.
  16. Toulas, Bill. "New Android malware on Google Play installed 3 million times". Bleeping Computer. Retrieved 13 July 2022.
  17. Mathur, Chandraveer (2022-07-08). "Security researchers warn of Joker malware's resurgence in Play Store apps". Android Police. Retrieved 2022-07-14.
  18. "Meet FlexiSpy, The Company Getting Rich Selling 'Stalkerware' to Jealous Lovers". www.vice.com. Retrieved 2021-07-28.
  19. Gohring, Nancy (2006-03-31). "Spy software company argues product isn't a Trojan". Computerworld. Retrieved 2021-07-28.
  20. "Stalking Stalkerware: A Deep Dive Into FlexiSPY". 20 December 2019.
  21. "Top 10 Monitoring Features From FlexiSPY". FlexiSPY Blog. 2018-02-09. Retrieved 2021-07-28.
  22. "Mobile Malware Evolution: An Overview, Part 3". securelist.com. Retrieved 2021-07-28.
  23. Singh, Rishi (2009-05-11). "NT fortifying against SMS virus". The Himalayan Times. Retrieved 2021-07-28.
  24. "SMS Virus Spreading All Over - Get Full Info. • TechSansar.com". Retrieved 2021-07-28.
  25. "Network Protection in the Middle East" (PDF). Archived (PDF) from the original on 2017-09-29.
  26. "ZeuS-in-the-Mobile – Facts and Theories". securelist.com. Retrieved 2021-04-19.
  27. "First iPhone worm discovered – ikee changes wallpaper to Rick Astley photo". Naked Security. 2009-11-08. Retrieved 2021-07-28.
  28. Kovacs, Eduard (2 May 2014). "Samsapo Android Malware Spreads like a Computer Worm". softpedia. Retrieved 2021-07-28.
  29. "Android malware worm catches unwary users". WeLiveSecurity. 2014-04-30. Retrieved 2021-07-28.
  30. "Mobile virus hack Google Play user on Brazil".
  31. Samuel Gibbs (6 July 2016). "HummingBad malware infects 10m Android devices". TheGuardian.com. Retrieved 2016-07-06.
  32. Brandom, Russell (2016-08-25). "A serious attack on the iPhone was just seen in use for the first time". The Verge. Retrieved 2021-04-22.
  33. Marczak, Bill; Scott-Railton, John (2016-08-24). "The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender". The Citizen Lab. Retrieved 2021-04-22.
  34. "Pegasus for Android: the other side of the story emerges". blog.lookout.com. Retrieved 2021-04-22.