Tuesday, November 22, 2011

Virus on smart phones

Mobile phones running on Google's Android operating system are experiencing a "malware epidemic," with the amount of malicious software having risen nearly fivefold since July, according to a post by the security research division of Juniper Networks.

More than half of the smartphones sold worldwide in the third quarter of the year use Android software, the research firm Gartner said this week. And as the platform grows, so do its malware woes. Cybersecurity firm McAfee reported in August that Android had become the number-one target for malicious software.

October and November are expected to see the fastest growth of malware in the history of the Android operating system, according to the post by Juniper Global Threat Center. This comes after a fourfold increase in Android malware from 2009 to the summer of 2010, the company said. By Juniper's count, that means Android malware has increased a stunning 427% from July 2011 to November 10, 2011.

Juniper said hackers have become more sophisticated in the malware they create for Android, writing malicious code that allows them to take control of the phone, spy on victims and send premium-rate text messages - which can cost $2 to $3 each - from a victim’s phone to the hacker, who collects the money.

Juniper said malware on Android devices has become widespread because Google’s method for policing its mobile app store is less stringent than Apple’s system for keeping malware out of its mobile app store.

"There is still no upfront review process in the official Android Market that offers even the hint of a challenge to malware writers that their investment in coding malware will be for naught," the report said.

Malicious applications in the Android market can be removed after the fact if someone discovers it and reports it, Juniper said.

"But how many unsuspecting people are going to download it before it is identified as malicious and removed?" the post said. "This is precisely what is playing out in the mind of mobile malware developers today."

A recent report by the malware testers at AV-Test.org found that most free Android malware scanners did a poor job of detecting malicious software. "[T]he circulation of obviously near to useless security apps endangers those, who trust them and install apps from 3rd party app markets without further suspiciousness," read AV-Test's report, according to ZDNET.


more info @ http://www.huffingtonpost.com/2011/11/17/android-malware-epidemic-infographic_n_1099220.html


Spyware on smart phones

Beware your smartphone

Beware your smart phone



Forget what's in your wallet -- beware your smartphone. It's becoming one of your most dangerous possessions.

If your phone was stolen a few years ago, the thief could make prank calls and read your text messages. Today, that person can destroy your social life -- you said what on Facebook?! -- and wreak havoc on your finances.

Now that smartphones double as wallets and bank accounts -- allowing users to manage their finances, transfer money, make payments, deposit checks and swipe their phones as credit cards -- they are very lucrative scores for thieves. And with 30% of phone subscribers owning iPhones, BlackBerrys and Droids, there are a lot of people at risk.

"It's crazy the amount of information on that phone -- it's like carrying a mini-computer around with you, except that more people know the settings on their computer than they do on their phones at this point," said Nikki Junker, social media coordinator and victim advisor at Identity Theft Resource Center. "People are incredibly at risk as technology improves."

And mobile banking use is expected to soar by nearly 55% next year, according to recent data compiled by TowerGroup, a research firm for the financial services industry.

They found that while 17.8 million consumers used mobile banking last year, 27.4 million are expected to use it this year, and 53.1 million consumers are forecast to adopt it by 2013.

"We're now past the early adopters and starting to hit the early maturity phase," said George Peabody, director of emerging technologies at Mercator Advisory Group. "So much of our screen time is shifting from PCs to smartphones, and the banks want to be there and know they have to be there."
Google to power your mobile wallet?

In addition, the volume of mobile payments -- buying boots via Zappos iPhone app, for example, or paying bills -- is expected to climb to $214 billion by 2015, up from $16 billion in 2010, according to Aite Group, another financial services research firm.

And pay-by-phone is only going to get easier as our devices come embedded with Near Field Communication (NFC) devices that allow you to pay for your morning latte by waving your phone at the cash register.

Companies like Blaze Mobile and Bling Nation already let you pay major retailers by swiping your smartphone thanks to a sticker adhered to the outside of your phone. Meanwhile, an app created by mFoundry brings up an image of your Starbucks prepaid card barcode and lets you scan it in lieu of a credit card.

"A lot of players are now pushing to drive the contactless technology," said Gwenn Bezard, research director at Aite Group specializing in banking and payments. "While you're not going to wake up tomorrow and everyone is going to be using mobile payments, it's going to grow over the next years -- and from a very low base."

Watch your phone! Security attacks on smartphones climbed to an all-time high in 2010, according to AdaptiveMobile, an international mobile security firm. Specifically, attacks on Google's Android smartphones quadrupled, and smartphones running Java-based applications jumped 45%.

"Bad guys are following where the people are going -- and people are going to smartphones," said Peabody. "As smartphone prices continue to decline and even more people get them, that's definitely the new place for bad guys to go."

While storing a password and keeping your phone locked is a good start, it's not going to protect you from professional fraudsters.

"Don't think that having an initial password set on your phone can stop people from getting in there," said Junker. "It's a very low level of protection -- you can even find 30-second videos on how to crack smartphone passwords on YouTube."

If you use mobile banking or make online payments frequently, you should invest in anti-virus protection and check with your bank about any security or identity theft protection features that you can enable.

Most smartphones also offer remote wipe-out services -- like MobileMe for the iPhone -- that automatically erase the information on your phone if you claim it as lost or stolen.

If you bank with your phone by accessing its website rather than opening an app, be extra careful when typing in the address. Some identity thefts create domains with the same address as major banks with two letters switched in hopes a consumer will accidentally land on the site and enter their username and password, said Junker.

And make sure you immediately log out of any bank apps or sites where your financial information is stored as soon as you're finished. While your identity is still at risk if your phone is stolen, this will buy you time to wipe out your information as soon as you realize it's gone.

No comments: