IT Security Blog

Your source for information security news and views.

We Will Get Fooled Yet Again

Posted by Patrick Snyder
Patrick Snyder
Patrick Snyder has not set their biography yet
User is currently offline
on Friday, 17 February 2012 in Uncategorized

As if Android security controls weren’t bad enough it seems even more malicious software applications have made their way onto users devices. This new breed of malware is unlike any other. With the increasing power and capabilities of Smartphone’s, soon to include quad core processing power, attackers have begun to broaden their focus on exploiting desktop and laptop computers and are now targeting mobile devices for their Botnets.

Smartphone’s are the perfect target. They are small, powerful, mobile, and best of all thriving with connectivity. Their size and mobility make them great for spreading malware throughout multiple corporate and public areas, anywhere someone might travel to and connect to an open, unencrypted Wi-Fi network. Their increasing processing power has made them just as suitable as higher powered machines for running various attacks and malicious campaigns. Best of all, the connectivity and collaborative information we process through our devices allows malicious attackers to have a field day with our contacts and information.

Unlike most fully functional operating systems, mobile device operating systems are much more lightweight, and are also designed very differently than our traditional operating systems. Yes we still run various applications but many more exist on our mobile devices for specified purposes. On a standard PC, when you want to check your bank account balance or social networking, you generally log in through a browser. Smartphone application developers have simplified this process by allowing you access to specialized applications that will retain your login credentials for easy, efficient, instant access to these accounts.

What’s worse than writing down your passwords? I say it’s saving them for automatic logins in our applications, especially if these applications are infected with malware.

Picture this: You download an innocent looking banking or social networking application, one recommended by friends or one you have seen advertised on the web, through email, etc. You install the application and log in with your banking and/or social networking credentials. Expecting to see your account balance or messages from friends, you are surprised to find yourself now bombarded with spam advertisements, false banking information, and not a friend to be seen. To make matters worse your credit card has now run up a few hundred dollars worth of charges within a few minutes. Welcome to the new world of mobile malware.

The applications infected by the Trojan virus in these two news stories, by Computerworld and ZDNet may not be for banking or social networking, but in an application rich environment we must always consider the impact of fraudulent applications making their way to our most trusted environments. If they can trick us with fraudulent websites then there is no doubt they can trick us with fraudulent applications.

Tags: Untagged
Patrick Snyder has not set their biography yet


Please login first in order for you to submit comments