Hackers are targeting new smartphones for one simple reason: 421 million handhelds are projected to be sold worldwide this year, according to market analysts at IDC.
Most malicious incidents against mobile devices consist of improper charges for telephony, text messages or fake apps, of which there are currently more than 500 varieties, according to F-Secure, a Finnish security firm. All of these tricks require users to perform some action, such as clicking to accept or install a program, so caution when using mobile devices can prevent most problems. Nonetheless, experts say automated attacks are possible and could emerge in the future.
Most of the attacks occur in Eastern Europe and China. Nearly all — 88 percent, according to F-Secure — target devices that use Nokia's Symbian operating system. Symbian is the most widely used smartphone platform in the world, but Nokia announced this month that it will replace it in the coming years with Microsoft's new Windows Phone.
Early attacks, such as the Cabir and Commwarrior worms of 2004 and 2005, caused little damage. But since 2009, these assaults have become more threatening. In September, hackers trying to steal money from Spanish bank accounts installed malicious apps on Symbian devices when synced to home PCs infected with a version of the ZeuS malware. The app allowed criminals to respond to security codes sent by the bank to validate money transfers.
Such attacks could be a foreshadowing of what is about to happen to very popular devices. Criminals have attacked phones with Google's Android system, RIM's BlackBerry, Apple's iPhone and Microsoft's Windows Mobile operating system software, suggesting that more onslaughts should be expected.
Some experts think that Android will be the preferred target of malware because anyone can create and distribute an application on the Web. Google doesn't check apps for security issues but has installed technical obstacles to prevent malicious activity. For example, apps run in a "sandbox," a closed environment where they can't affect each other or manipulate cellphone functions without the user's permission.
Ten attacks have been targeted against Android users, including a malicious program called Geinimi that appeared on third-party Android app marketplaces in China in December. This addition to legitimate applications, primarily games, allowed hackers to manipulate text messages, steal contact lists, make calls, visit websites, and download files.
The attacks underscore the importance of being very cautious when downloading mobile apps. Users should install only apps from sites they trust. A smartphone is "a handheld microcomputer, and you can have Trojans, worms and viruses like on a PC," said Andy Hayter, anti-malware program manager at ICSA Labs, Verizon's independent division.
Source: Clarin
