Mobile malware epidemic on the way

A mobile malware epidemic could render phone networks useless within two to three years, if public awareness of the issue and network security experts don’t take control out of the hands of hackers.

If you’re intelligent enough to be reading the Sciencetext blog, then it’s unlikely that you’re going to be taken in by an email phishing scam or be running a security-compromised web browser. You’re never going to follow a suggestion in a Twitter direct message or run an unknown Facebook app, are you? But, what about your mobile devices, malware on these is relatively rare, but the novelty of the smart generation of devices also means that even the most clued-up user may be unaware of the perils and pitfalls.

According to US researchers writing in a forthcoming issue of the International Journal of Computer Aided Engineering and Technology, the growth in popularity of mobile computing, smart phones, and the internet in general has created an ever-moving target that entices hackers, crackers, social engineers and common or garden criminals. While there are millions of computer viruses, worms, Trojans, and other malware out there (and yes there are ones for Linux and Mac, which means iPhones, too), there are a mere few hundred mobile viruses today. However, the prevalence of mobile viruses is at its tipping point, says Juil Martin of the Department of Systems and Computer Science, at Howard University, in Washington, DC.

The first cellphone virus in the US was Cabir way back in 2004. However, Martin and colleagues have described how easy it is for phones running Symbian, J2ME, and the Windows Mobile operating systems to become infected through various channels, including Bluetooth and 802.11 wireless (wi-fi).

Martin’s team has investigated how fast mobile malware can spread in a typical commercial/urban environment, such as Washington, DC. They have data from 2004 to the present and have then extrapolated this to 2012. The aim of the study is to raise awareness and help cell phone users prepare for a future mobile malware epidemic and to offer some preventative measures.

So, if a mobile malware epidemic is on the way, what might you do to protect yourself? Are their virtual facemasks and vaccinations you could use?

First, it’s useful to know how mobile malware can spread, here’s Martin’s list of the main propagation routes and what the malware does that might one day lead to an epidemic:

• Malware spread by Bluetooth or SMS – Mosquit, Red Browser, Cabir, Lasco, CommonWarrior, Pbstealer, and StealWar
• Viruses transmitted using MMS – StealWar and CommorWarrior
• Malware spread by infecting files – Duts, Lasco, and CommonWarrior
• Virus providing remote network access – Brador
• Viruses or Trojans affecting functionality of cellphone by replacing files, or icons, or system applications – Skuller, Dampig, Hobble, Appdisabler, Doombot, Romride, and Mobler
• Malware transmitted by installing corrupted applications, damaged applications, viruses, malicious programs or disables system functions – Locknut, Skudoo, Bottom, Cardtrap, Singlejump, and Dropper
• Viruses which replace antivirus application loaders or replaces font files – Drever, Fontal, and Blankfont
• Malware which deletes antivirus applications, delete files or copy its body to other devices – Cardtrap, Cxover, and Mobler
• Viruses which spread via memory cards – Mobler, Cardtrap, and Cardblock
• Viruses which steal personal data – Flexispy, Stealwar, and Pbstealer
• Malware that spreads via e-mail – MSIL.Letum

“Although mobile viruses are not as prevalent as desktop e-mail viruses, there is the potential for a large-scale outbreak, as development of new features on mobile devices makes them more vulnerable to attack. Unlike e-mail viruses, which are restricted to one channel for propagation, mobile viruses can propagate over various channels, including e-mail, SMS, MMS, downloaded software, 802.11 wireless, Infrared Data Association (IrDA), and Bluetooth etc.

So, here’s Martin’s basic advice for preventing a malware epidemic and it’s not surprisingly very similar to the non-mobile advice:

• Install the latest antivirus software
• Turn off and remove any unneeded services, such as Bluetooth
• Do not open e-mail attachments unless they are expected
• Do not install applications from illegal file-sharing networks
• Enable the lock feature and create a password for phone access in case it is stolen and returned with malware enabled.

Intriguingly, as I was writing this, news came in that Georgia Tech computer science faculty members had received an NSF grant ($450,000) to develop tools that improve the security of mobile devices and the telecommunications networks on which they operate. Good luck with that!

Juil C. Martin, Legand L. Burge III, Joseph I. Gill, Alicia N. Washington, & Marcus Alfred (2010). Modelling the spread of mobile malware Int. J. Computer Aided Engineering and Technology, 2 (1), 3-14