Mobile malware getting smarter: Juniper

by CXOtoday Staff    Feb 20, 2012

Mobile malware increased by 155 percent from 2010 to 2011 as cyber criminals continue to hone their craft by finding new ways to exploit vulnerabilities.

Cyber criminals continue to hone their craft by finding new ways to exploit vulnerabilities and human behavior for profit across all mobile platforms and devices, as per the findings of a report.

The Juniper Networks Mobile Threat Centre (MTC) in its 2011 Mobile Threats Report observed a new level of sophistication of many attacks.

Malware writers used new and novel ways to exploit vulnerabilities. 2011 saw malware like Droid KungFu, which used encrypted payloads to avoid detection and Droid Dream, which cleverly disguised itself as a legitimate application, are a sign of things to come, the report said.

Sanjay Beri, Vice President and General Manager, Junos Pulse Business Unit, Juniper Networks said that securing mobile devices requires a combination of safeguarding connections from interception, securing data in transit from prying eyes or theft, protecting against fast-propagating malware, possessing the tools to manage devices and apps, and securing the data, usernames and passwords on them in the event that they are lost or stolen.

Along with more sophistication, Juniper found significant catches of malware that did not exploit technical vulnerabilities but instead relied on social engineering for a quick profit.

A new attack method dubbed Fake Installers was the fastest growing type of malware found by the MTC.

Fake Installers trick victims into unknowingly paying for popular applications that are normally free but have been pirated by the attackers. Victims are tricked into agreeing to terms of service of pirated applications that then send profits via premium SMS messages to the scammers. While these attacks don’t lead to complete financial ruin, they have the promise of making attackers a tidy profit a few dollars a time.

The report also found that mobile malware increased by 155 percent from 2010 to 2011. The worst affected was Android, which saw malware shoot up by 3,325 percent in the last seven months of 2011.

MTC examined more than 790,000 applications and vulnerabilities across every major mobile device operating system to for its report.