SRIJAN

• SRIMCA Home
• SRIJAN Home
• Editorials
• IT
• Management
• Biography
• Book Review
• Spiritual
• General

Malware Hub

Introduction

Almost everyone these days knows about the viruses, Trojans and spyware that attack PCs & cell phones and has an anti-virus software suite that affords them some protection. However, the newest growing threat is Malware that attacks Smartphone’s Malware is going places. With the flashfake trojan hitting mac, the super virus flame for windows and of course the exponential increase in malware for our favourite mobile platform android! I admit the last one is pretty surprising but true. It won't be uncommon to see your latest, top of the line phone with a GHz processor getting infected like a PC or maybe not! The latest trend shows that android malware has been acting discreetly. Smart phones are getting more advanced and the methods of attacking them are rather more smarter than the phones. Such kinda attacks are being considered as a PC replacement. As they store all important data, contacts in addition to mobile banking, they are a good target for malware authors. The majority of existing Android malware is very obvious in its intention to provide some kind of benefit, usually financial, to the attacker.

What is mobile malware?

Malware is software designed to negatively affect your computer. Malware can either be a virus, worm, or a Trojan whose purpose is to disrupt computer operation; Spyware, which is intended to collect information about users without their knowledge; rootkits, which gain unauthorized access to computer systems; or adware, which is designed to automatically render advertisements.

Popularity of the platform: Android has about billions of users (40-50% market share) with lacs of activations per day, around the world, providing a great market size for the malware. It accounts for 65% of the total mobile malware. Malware aimed at Android Smartphone’s alone has grown 76% over the last few months, threatening Android security, as well as other platforms also under attack. Many of the threats, such as clicking on a dangerous link in an email or in search results, are the same as you would encounter on your computer, but there are other threats that are unique to mobile devices. For instance, you could accidentally download a malicious application that accesses your personal information and sends it to a cybercriminal. Or, you could download a dangerous app that dials premium-rate numbers from your phone, leaving you with expensive charges on your mobile bill. Other malicious programs can potentially alter your phone’s functionality, rendering it useless. operating system used in mobile phones in the future.

So what does mobile malware do?

Mobile malware can do just about everything a virus on your PC can do – and more. For starters, viruses can bog down your phone's processing speeds, hack your email and send out spam to all your contacts, randomly delete your important files and calendar entries, and initiate system-wide crashes. One of the worst and most recent viruses that targets only mobile phones eventually causes the infected phone to lock up completely, making it unusable. However, some Smartphone malware can access your camera and photos. It can steal all the images saved on your camera and actually hijack the camera to take photos at random.

In recent, there is a trend in android users to “ROOT” their device to customize it in every possible best manner. But they are aware about the fact that all those softwares (ROM) available for rooting your device are already pre installed with MALWARES. By installing any of these ROMs, the developer of the ROM can easily go through your personal data and might misuse it in the worst way. People find it interesting to customize their device by installing these ROMs, but are unaware of its side effects and the “BLACK” intensions of the developers.

Notable mobile malware:

1. Cabir: Infects mobile phones running on Symbian OS. When a phone is infected, the message 'Caribe' is displayed on the phone's display and is displayed every time the phone is turned on. The worm then attempts to spread to other phones in the area using wireless Bluetooth signals
2. Duts: A parasitic file infector virus and is the first known virus for the PocketPC platform. It attempts to infect all EXE files in the current directory (infects files that are bigger than 4096 bytes).
3. Skulls: A trojan horse piece of code. Once downloaded, the virus, called Skulls, replaces all phone desktop icons with images of a skull. It also will render all phone applications, including SMSes and MMSes useless.
4. Commwarrior: First worm to use MMS messages in order to spread to other devices. It can spread through Bluetooth as well. It infects devices running under OS Symbian Series 60. The executable worm file, once launched, hunts for accessible Bluetooth devices and sends the infected files under a random name to various devices.
5. DroidDream (aka Android.Rootcager): DroidDream infected at least 60 legitimate applications in the Android Market and attacked hundreds of thousands of users in the first quarter of 2011. It changes the victim into a botnet, penetrates the security system Android and steals the victim’s data.
6. GGTracker: This threat was born in June by displaying the page the mobile web version of Android Market. The victims are asked to download a battery-saving applications. Once installed, the rogue application that will send a premium SMS at the rate of U.S. $ 40 per SMS.
7. Net-Worm Iphone: the worm stole user data and let malicious users remotely control infected smartphones. This variant also attacked users of jailbroken iPhones and iPod Touches where the default SSH password was not changed.

EXPERIENCE

I have a personal experience related to this issue which became a reason for me to publish this matter. I am too an android user btw. I attended a conference organized by HACKSTOCk GROUP in 2012. During the conference, in a Session Hijacking, my android devices was attacked by the HACKSTOCk people, and I was completely unknown to the activity. They hacked my android device and used it to call one of my friend from my contact list without any permission from me and without operating my device. My friend’s device blinked my number and I was literally shocked to see such kinda MALWARE attack. They even read my messeges stored on the device using the IMEI number of my device. They showed us this for security purpose and made us aware about the MALWARE attack.

How can you protect yourself?

1. Try downloading apps from reliable sources like google play. Google also has secretly had a system in place named "Bouncer" to scan apps for malicious code.
2. Carefully check permissions of applications before installing them. A flashlight app, for instance, probably shouldn't need to send SMS Messages or your location. The general rule of thumb: If an app is asking for more than what it needs to do its job, you should skip it.
3. Avoid sideloading : Avoid directly installing Android Package files (APKs). They are a common path for virus infections
4. Install an anti-virus on your mobile. It is getting increasingly necessary to do so with the growth of mobile malware.
5. Update, update, update Google periodically releases updates to Android that address bugs and security problems. The trouble is there are quite a few Android users who don't actually update their software. That's a mistake. As soon as updates are made available, they should be applied. Failing to do so leaves users at greater risk. Try and keep your device and data password protected. Or if possible, hide them or back it up on ur external devices like hard drive, disc, etc.
6. Never sync your data online like on “icloud” or “dropbox”. Attackers can retrieve your personal data from such online stuffs by sending you a spam mail (attached with malware) that has the tendency to extract all your personal data like photos, contacts, bank account details, etc. and might misuse it.
   
7. Stop believing you're safe The mobile malware threat started a several three years ago. Yet serious discussions about keeping people safe really only started in 2010. What's worse, the uninformed think that they can do what they want when they want with their Android devices and be just fine. That's just plain wrong. It's time all Android users and users of all types of mobile devices stop thinking they're safe and admit that really bad things can happen.
8. Stop believing you're safe The mobile malware threat started a several three years ago. Yet serious discussions about keeping people safe really only started in 2010. What's worse, the uninformed think that they can do what they want when they want with their Android devices and be just fine. That's just plain wrong. It's time all Android users and users of all types of mobile devices stop thinking they're safe and admit that really bad things can happen.

Online Malware Analysis Services

References

• Wikipedia : http://en.wikipedia.org/wiki/Malware
• Microsoft : http://www.microsoft.com/security/portal/mmpc/help/malware-help.aspx
• Norton Security : http://nortonsecuritysoftware.com/malware-en http://in.norton.com/security_response/malware.jsp
• Kaspersky Lab Antivirus : http://www.kaspersky.com/about/news/virus
• ThreatExpert : http://www.threatexpert.com/files/malware.exe.html
• HACKSTOCK GROUP : www.facebook.com/hackstock.officialpage