Whilst it’s debateable whether mobile malware is really a serious threat to the average use, it’s clear innovation in malicious kit targeting smartphones is ramping up.
That was evident from research released this week at the RSA 2014 conference, where Trustwave showed off a tool that could monitor touches and swipes on Android and jailbroken iPhones. Whilst this tool isn’t in use by criminals, it goes to show what kind of snooping is now possible.
Trustwave’s Neal Hindocha showed me how this tracking of swipes and touches could be used to track pin codes used to lock devices. He believes such malware would be useful to attackers targeting specific companies, and therefore specific employees.
“It’s good to know about these issues now,” said Hindocha. “It should be of concern to specific companies… they should move to protect.
“I’m not going to assume I’m the only one to have come up with this… I can see this being used in targeted attacks.
“It can be used as the first step of getting into corporate networks.”
Earlier in the week, Kaspersky released details on a piece of Android malware that used the Tor network to cover its tracks. Tor takes users through different servers to hide their IP address, but it can be used to host what are known as command and control servers. That protects the identity of the attackers.
Whilst this requires extra coding skills and man-hours on the attackers’ side, one major advantage of using Tor is that it is impossible to shut down the command and control infrastructure.
Given that malware has the ability to siphon off text messages and force the device to send messages to specified phone numbers, such as premium rate lines, the fact that it cannot be shut down makes this a major concern.
It’s evident malware authors are borrowing techniques from the desktop world to improve their attacks on mobiles. This may be a perturbing precursor to an explosion in effective, increasingly smart mobile threats. Yet one hopes lessons have been learned from the Windows era about how best to protect against malicious software.
In reality, mobile users should be far more concerned about targeted attacks rather than scatter shot approaches that aim to infect large swathes of people. “I think the way they are able to protect their users…. we are coming into a stage where these code red type things are not impossible but more difficult and less likely,” adds Hindocha.
“We’re going to see an increase in mobile malware but it is going to be targeted. I do not think we’re going to see masses of malware like on Windows, either on Android or iOS.
“I think we are going to see an increase in persistence, where it’s more difficult to stop it.”
I’ve said before that mobile malware isn’t a severe threat to the average person. But that’s not to say users shouldn’t be mindful of the kinds of threats emerging. The smartphone is still relatively nascent technology. As it matures, so will the attacks targeting them.