Yesterday saw the launch of Get Safe Online week in the UK, an annual event aimed at raising awareness among consumers and small business of the threat from online crime.
The focus of the launch event yesterday was mobile malware and I was asked to give a presentation and demonstration of how this threat manifests itself. The video that I made with the BBC illustrates just how invisible and damaging SMS fraud malware can be and the kind of financial damage it can inflict on the victim.
Added on November 12th, 2011
The history of mobile malware begins back in 2004 with the appearance of Cabir, the forerunner of many later variants. Cabir was aimed at infecting Symbian based devices, it first emerged as a proof-of-concept but was rapidly picked up and abused by those with criminal intent. Cabir made money by sending premium rate SMS messages from infected devices. This means of turning a profit turned out to be so effective that by 2009 SMS fraud Trojans made up a large bulk of mobile malware and that trend has continued and grown with the rise of the smartphone. In fact, the first ever Trojan for Android based devices was also an SMS fraud trojan, known as ANDROIDOS_DROIDSMS.A
Malware exists for all major mobile platforms in fact, renowned mobile securtity researcher Charlie Miller announced yesterday that he had devised a way to embed functionality in apps for Apple’s iPhone which allowed them to download and run code after the intial application had been installed. His proof of concept app had been checked by Apple and was available in the App Store since September.
If you are interested in finding out more about the history of mobile malware you can download my paper on that very subject right here.
The TrendLabs mobile threats information hub can be found here.