DOCSLIB.ORG

Malware Goes Mobile by Mikko Hypponen

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Malware Goes Mobile by Mikko Hypponen MALWARE GOES MOBILE BY MIKKO HYPPONEN Computer viruses are now airborne, infecting mobile phones in every part of the globe. Security companies, cellular operators and phone makers are moving to quash these threats before they spiral out of control he day the computer security community had anticipated for years finally arrived in June 2004. I and other researchers who study malicious forms of software knew that it was only a matter of time until such T malware appeared on mobile phones as well. As cell phones have evolved into smartphones—able to download programs from the Internet and share software with one another through short-range Bluetooth connections, worldwide multimedia messaging service (MMS) communications and memory cards—the devices’ novel capabilities have created new vulnerabilities. Scoundrels were bound to find the weaknesses and exploit them for mis- chief or, worse, for criminal gain. Sure enough, three summers ago security ex- perts found the first rogue program written spe- cifically for smartphones. Dubbed Cabir, it was a classic proof-of-concept virus, clearly created to 70 SCIENTIFIC AMERICAN NOVEMBER 2006 COPYRIGHT 2006 SCIENTIFIC AMERICAN, INC. INFECTION of one smartphone by malicious software—malware— could bring down others in a domino effect. COPYRIGHT 2006 SCIENTIFIC AMERICAN, INC. SMARTPHONES ON THE RISE s) 15 on MORE PHONES, MORE TARGETS The number of smart mobile devices (milli in the world has expanded dramatically de 10 dwi in recent years, and so has the amount rl Wo of malware set loose to attack them. , That mix is a recipe for disaster: as the ld 5 size of a target audience increases, so, s So too, does the likelihood that miscreant it Un programmers will attack it. And 0 audience size is expected to soar in Quarter 1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 the years ahead. Industry analysts 2003 2004 2005 2006 predict that more than 200 million smartphones will be sold in 2009. GROWTH IN MOBILE MALWARE 350 ms capture bragging rights. It caused no ra 300 damage to an infected device, other Prog than running down the phone’s battery 250 as the virus tried to copy itself to an- lware 200 other smartphone by opening a Blue- Ma wn tooth connection. The anonymous au- o 150 thor, most likely somewhere in Spain, Kn of of 100 chose to post Cabir on a Web site rather er than releasing it into the wild. But with- mb 50 Nu in two months other scofflaws had ve 0 turned it loose in Southeast Asia. It soon lati 05 06 05 06 05 05 06 04 04 . 04 . ; h h g. spread worldwide. ) ne ne ne pt pt mu rc rc Au Dec. Dec. Ju Ju Ju Se Se Even though we had been on the Cu Ma Ma page lookout for viruses such as Cabir, secu- this ) rity experts were not fully prepared to like a computer virus that can be ob- our office building and posted a guard at ( deal with it. As soon as the alert was served and dissected on a machine that the door before turning them on, lest an sounded, my co-workers and I at F-Se- is disconnected from any network, wire- unsuspecting employee walk in and catch cure, a computer security firm, started less malware can spread—in some cases, the bug. Later that year F-Secure built bottom graph inspecting the new virus, which was a even make transoceanic leaps—the mo- two aluminum-and-copper-encased lab- type known as a worm [see box on op- ment the infected phone is powered up. oratories, impenetrable to radio waves, posite page for definitions of terms]. So we took four cell phones hit by to study this contagious new form of ); LUCY READING-IKKANDA But we had no safe place to study it; un- Cabir to the basement bomb shelter in malware. Although the initial version of Cabir was relatively innocuous, some unscru- Overview/Imperiled Phones opposite page pulous malware writers rushed to mod- and ■ The first malicious software aimed at smartphones hit in 2004. Smartphones ify it into forms that are more virulent are mobile phones that permit users to install software applications from and damaging, while others began ) AND F-SECURE SECURITY RESEARCH ( sources other than the cellular network operator. crafting novel kinds of attacks. Mobile ■ — Today more than 300 kinds of malware among them worms, Trojan horses, viruses on the loose now can completely top graph other viruses and spyware—have been unleashed against the devices. disable a phone, delete the data on it or preceding pages ■ As sales of such sophisticated phones soar worldwide, the stage is being set force the device to send costly messages for the massive spread of malware. Steps are being taken to prevent that to premium-priced numbers. Within scenario, but the opportunity to block the onslaught is unlikely to last long. two years the number of viruses target- MIRACLE STUDIOS ( ing smartphones soared from one to SOURCES: CANALYS ( 72 SCIENTIFIC AMERICAN NOVEMBER 2006 COPYRIGHT 2006 SCIENTIFIC AMERICAN, INC. more than 200, a rate of growth that roughly paralleled that of computer vi- ruses in the first two years after the first PC virus, called Brain, was released in 1986. Despite Herculean efforts to rein it Smartphones could in the in, PC malware continues at a gallop: more than 200,000 forms have been very near future make up identified so far, and today an unpro- tected PC is often infected within min- most of the world’s computers. utes of connecting to the Internet. The economic costs of the 20-year onslaught have been steep, and they are spiraling tions of smartphones that run more vices accrete more PC-like functionality. higher as old-school malware written open operating systems, Web browsers, At the same time that smartphones have for glory has given way to a new era of e-mail and other messaging clients and begun sporting features such as video “crimeware” designed for spamming, that contain Flash memory card readers cameras, GPS navigation and MP3 play- data theft or extortion. and short-range Bluetooth radios. Each ers, their prices have dropped—subsi- Mobile malware, though little more of these features offers a conduit through dized in part by network operators, who than a nuisance today, could quickly es- which malware can propagate. hope the new capabilities will encour- calate into an even more formidable Bluetooth, for example, allows cer- age customers to spend more on cellular problem than PC malware in the years tain mobile worms to spread among vul- services. Manufacturers sold more than ahead unless the security community, nerable phones by mere proximity, al- 40 million smartphones last year, and cellular network operators, smartphone most like the influenza virus. A Blue- industry analysts expect to see 350 mil- designers and phone users all work to- tooth-equipped smartphone can identify lion units in service by 2009. gether to hold it in check. The history of and exchange files with other Bluetooth In the medium term, these devices PC malware is humbling, but it offers devices from a distance of 10 meters or may be adopted most quickly in emerg- lessons that will help us to anticipate more. As victims travel, their phones can ing economies, where computer owner- some of the ways in which mobile virus leave a trail of infected bystanders in writers will strike next and to take steps their wake. And any event that attracts to thwart them. a large crowd presents a perfect breeding A Malware Primer ground for Bluetooth viruses. A Rising Tide A particularly nasty form of Cabir, PHISHING SCAM i n 1988 many computer experts dis- for example, spread so rapidly through Fraudulent Web page, e-mail or text missed viruses as inconsequential novel- the audience at the 2005 world track and message that entices the unwary ties. That assessment proved regrettably field championships in Helsinki that sta- to reveal passwords, financial details or other private data. naive. For mobile malware, the time is dium operators flashed warnings on the now 1988, and we have a brief window big screen. Most smartphones can put SPYWARE in which to act to avoid repeating the Bluetooth into a “nondiscoverable” mode Software that reveals private mistakes of the past. that protects them from invasion by information about the user or One such mistake was to underesti- worms. But few users avail themselves of computer system to eavesdroppers. mate how quickly malware would grow this feature. While giving a talk at a TROJAN HORSE in prevalence, diversity and sophistica- computer security conference this spring, A program that purports to be tion. Prevalence is a function of both the I conducted a quick scan of the room useful but actually harbors hidden population of potential hosts for virtual and found that almost half the profes- malicious code. pathogens and of their rate of infection. sionals in the audience had left the Blue- VIRUS The target population for malicious mo- tooth radios in their phones wide open. Originally, computer code that inserts bile software is enormous and growing The proportion is even higher among the itself into another program and by leaps. There are now more than two general population, so these devices of- replicates when the host software billion mobile phones in the world. fer a disturbingly effective vector for in- runs. Now often used as a generic It is true that the great majority of visible parasites. term that also includes Trojan horses and worms. these are older cell phones running And this host population is growing closed, proprietary operating systems rapidly.
Load more

Recommended publications
  • Identifying Threats Associated with Man-In-The-Middle Attacks During Communication Between a Mobile Device and the Back End Server in Mobile Banking Applications
    IOSR Journal of Computer Engineering (IOSR-JCE) e-ISSN: 2278-0661, p- ISSN: 2278-8727Volume 16, Issue 2, Ver. IX (Mar-Apr. 2014), PP 35-42 www.iosrjournals.org Identifying Threats Associated With Man-In-The-Middle Attacks during Communication between a Mobile Device and the Back End Server in Mobile Banking Applications Anthony Luvanda1,*Dr Stephen Kimani1 Dr Micheal Kimwele1 1. School of Computing and Information Technology, Jomo Kenyatta University of Agriculture and Technology, PO Box 62000-00200 Nairobi Kenya Abstract: Mobile banking, sometimes referred to as M-Banking, Mbanking or SMS Banking, is a term used for performing balance checks, account transactions, payments, credit applications and other banking transactions through a mobile device such as a mobile phone or Personal Digital Assistant (PDA). Mobile banking has until recently most often been performed via SMS or the Mobile Web. Apple's initial success with iPhone and the rapid growth of phones based on Google's Android (operating system) have led to increasing use of special client programs, called apps, downloaded to the mobile device hence increasing the number of banking applications that can be made available on mobile phones . This in turn has increased the popularity of mobile device use in regards to personal banking activities. Due to the characteristics of wireless medium, limited protection of the nodes, nature of connectivity and lack of centralized managing point, wireless networks tend to be highly vulnerable and more often than not they become subjects of attack. This paper proposes to identify potential threats associated with communication between a mobile device and the back end server in mobile banking applications.
    [Show full text]
  • 100169 V2 BCG Mobile Malware Infographic
    KNOW THY With mobile usage at an all time high, malware specifically designed for smartphones has become more prevalent and sophisticated. MOBILE ENEMY. We’re here to help. Mobile malware can take on many different forms: POTENTIALLY UNWANTED SOFTWARE (PUS) The Basics How PUS Starts Signs of a PUS Attack • Often poses as • Users allow permission • Sudden increase in junk antivirus software because attack poses as SMS texts antivirus software • Similar to adware • Data stolen from your or spyware contacts list and shared with third parties • Millions of variations already exist RANSOMWARE The Basics Complete Anonymity Ransomware & Fear • Advanced cryptographic • Assailants demand • Most aren’t likely to report Accept threats that hold untraceable ransom ransomware acquired from les hostage payment (Bitcoin) embarrassing sources (ie. porn) • Ransom is due within • Attackers use Tor network a strict time limit to hide destination • Often payment doesn’t mean before les become of payment the bad guys uphold their permanently inaccessible end of the bargain • .onion addresses often used in ransom demands How Ransomware Starts • Installing risky mobile apps from insecure websites INFORMATION LEAKAGE Every Move is Monitored IMEI Identifier Broadcast Personal Privacy Threats Within Mobile Network • Often results from app • Can lead to cloned • Utilize GPS satellite designers who don’t phones where service systems to create digital encrypt or do it wrong is hijacked “breadcrumbs” showing activity • Reveal where people live, work, socialize, etc. using social networking options TOP TWO INFECTION VECTORS MIXING BUSINESS WITH PLEASURE Users now have one device for everything— #1 Porn #2Suspicious chances of personal use impacting business networks at 36% WebAd networks/large networks are higher than ever.
    [Show full text]
  • Mobile Malware
    CS 155 Spring 2016 Mobile Malware John Mitchell Outline • Mobile malware • Identifying malware – Detect at app store rather than on platform • Classification study of mobile web apps – Entire Google Play market as of 2014 – 85% of approx 1 million apps use web interface • Target fragmentation in Android – Out-of-date Apps may disable more recent security platform patches Malware Trends W Based on FairPlay vulnerability • Requires malware on user PC, installation of malicious app in App Store • Continues to work after app removed from store • Silently installs app on phone Android malware 2015 Current Android Malware Description AccuTrack This application turns an Android smartphone into a GPS tracker. Ackposts This Trojan steals contact information from the compromised device and uploads them to a remote server. Acnetdoor This Trojan opens a backdoor on the infected device and sends the IP address to a remote server. Adsms This is a Trojan which is allowed to send SMS messages. The distribution channel ... is through a SMS message containing the download link. Airpush/StopSMS Airpush is a very aggresive Ad-Network. … BankBot This malware tries to steal users’ confidential information and money from bank and mobile accounts associated with infected devices. http://forensics.spreitzenbarth.de/android-malware/ Trends 2014-15 Android free antivirus apps … 1. Comodo Security & Antivirus 2. CM Security Antivirus AppLock 3. 360 Security - Antivirus Boost 4. Sophos Free Antivirus and Security 5. Malwarebytes Anti- Malware 6. Bitdefender Antivirus
    [Show full text]
  • Mobile Malware Security Challenges and Cloud-Based Detection
    Mobile Malware Security Challeges and Cloud-Based Detection Nicholas Penning, Michael Hoffman, Jason Nikolai, Yong Wang College of Business and Information Systems Dakota State University Madison, SD 57042 {nfpenning, mjhoffman13054, janikolai}@pluto.dsu.edu, [email protected] Abstract— Mobile malware has gained significant ground since the techniques, privilege escalation, remote control, financial dawning of smartphones and handheld devices. TrendLabs charge, and information collection, etc. The previous stated estimated that there were 718,000 malicious and high risk Android techniques provide a malicious attacker with a variety of options apps in the second quarter of 2013. Mobile malware malicious to utilize a compromised mobile device. infections arise through various techniques such as installing repackaged legitimate apps with malware, updating current apps Many mobile malware prevention techniques are ported from that piggy back malicious variants, or even a drive-by download. desktop or laptop computers. However, due to the uniqueness of The infections themselves will perform at least one or multiple of smartphones [6], such as multiple-entrance open system, the following techniques, privilege escalation, remote control, platform-oriented, central data management, vulnerability to financial charge, and information collection, etc. This paper theft and lost, etc., challenges are also encountered when porting summarizes mobile malware threats and attacks, cybercriminal existing anti-malware techniques to mobile devices. These motivations behind malware, existing prevention methods and challenges include, inefficient security solutions, limitations of their limitations, and challenges encountered when preventing signature-based mobile malware detection, lax control of third malware on mobile devices. The paper further proposes a cloud- party app stores, and uneducated or careless users, etc.
    [Show full text]
  • Cyber Threat Metrics
    SANDIA REPORT SAND2012-2427 Unlimited Release Printed March 2012 Cyber Threat Metrics Mark Mateski, Cassandra M. Trevino, Cynthia K. Veitch, John Michalski, J. Mark Harris, Scott Maruoka, Jason Frye Prepared by Sandia National Laboratories Albuquerque, New Mexico 87185 Sandia National Laboratories is a multi-program laboratory managed and operated by Sandia Corporation, a wholly owned subsidiary of Lockheed Martin Corporation, for the U.S. Department of Energy's National Nuclear Security Administration under contract DE-AC04-94AL85000. Approved for public release; further dissemination unlimited Issued by Sandia National Laboratories, operated for the United States Department of Energy by Sandia Corporation. NOTICE: This report was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government, nor any agency thereof, nor any of their employees, nor any of their contractors, subcontractors, or their employees, make any warranty, express or implied, or assume any legal liability or responsibility for the accuracy, completeness, or usefulness of any information, apparatus, product, or process disclosed, or represent that its use would not infringe privately owned rights. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government, any agency thereof, or any of their contractors or subcontractors. The views and opinions expressed herein do not necessarily state or reflect those of the United States Government, any agency thereof, or any of their contractors. Printed in the United States of America. This report has been reproduced from the best available copy.
    [Show full text]
  • Mobile Malware Network View Kevin Mcnamee : Alcatel-Lucent Agenda
    Mobile Malware Network View Kevin McNamee : Alcatel-Lucent Agenda • Introduction • How the data is collected • Lies, Damn Lies and Statistics • Windows PC Malware • Android Malware • Network Impact • Examples of malware • DDOS Monitoring the Mobile Network • Monitor GTP-C traffic MOBILE NETWORK SECURITY ANALYTICS - Maps IMSI, APN & EMEI to IP address - Associates infection with a specific device or user Forensic Analysis • Monitor GTP-U traffic Alert - Malware C&C Aggregation & Analysis - Exploits Malware - DDOS Detection Sensor - Hacking 10GE or GE NodeB SGSN RAN Alternate Tap Recommended Alternate tap RNC (Iu-PS and S1-u) Tap (Gn and choice (Gi and Internet S5/8) SGi) GGSN/PGW eNodeB SGW 3 Monitoring the Mobile Network • Analytics Provides MOBILE NETWORK SECURITY ANALYTICS - Raw security alerts - Trigger packets - Infection history by device Forensic Analysis - Infection history by malware Alert • Reports Aggregation & Analysis - Most active malware Malware Detection - Network impact Sensor - Infection rates 10GE or GE NodeB SGSN RAN Alternate Tap Recommended Alternate tap RNC (Iu-PS and S1-u) Tap (Gn and choice (Gi and Internet S5/8) SGi) GGSN/PGW eNodeB SGW 4 Detection Rules Development Process MALWARE TRAFFIC SAMPLES POLICY MALWARE ZERO DAY RULES TRAFFIC BEHAVIORAL VIRUS VAULT SANDBOX DEVELOPMENT LIBRARY RULES LIBRARY RULES • 120K+ ANALYZED PER DAY • 30M+ Active samples RULE ACTIVATION RULES REPOSITORY DEPLOYMENT-SPECIFIC RULE SETS FEEDBACK FROM FIELD QUALITY TESTS TESTING FIELD TESTING IN LIVE NETWORKS 5 Infection Rate • C&C detection measures actual infections as seen from the network • Problem is growing (by 25% in 2014) • LTE device 5 times more likely to be infected 6 Estimates of Mobile Malware infection However… rates vary wildly - ALU, Lookout & Google report 0.4% to 0.6% - Verizon Breach Report quoted 0.03% - Damballa quoted 0.0064% at RSA.
    [Show full text]
  • Symbian Worm Yxes: Towards Mobile Botnets?
    J Comput Virol (2012) 8:117–131 DOI 10.1007/s11416-012-0163-2 ORIGINAL PAPER Symbian worm Yxes: towards mobile botnets? Axelle Apvrille Received: 20 December 2010 / Accepted: 3 April 2012 / Published online: 1 May 2012 © Springer-Verlag France 2012 Abstract In 2009, a new Symbian malware named the costs and inconveniences caused by the famous Comm- SymbOS/Yxes was detected and quickly hit the headlines Warrior worm, with 115,000 infected phones [14] and over as one of the first malware for Symbian OS 9 and above 450,000 messages [16] sent prove the matter cannot be under- all as the foretaste of a mobile botnet. Yet, detailed analy- estimated. sis of the malware were still missing. This paper addresses At the beginning of 2009, a new Symbian malware was this issue and details how the malware silently connects to detected [13]. It installed on recent and widely-deployed the Internet, installs new malware or spreads to other victims. Symbian OS 9 phones. The malware looked perfectly legiti- Each of these points are illustrated with commented assembly mate and there was no hint it might be a malware apart from code taken from the malware or re-generated Symbian API the fact it created no application icon. As it was typically con- calls. Besides those implementation aspects, the paper also nected to the word “sexy” (sexy.sisx as package name, “Sexy provides a global overview of Yxes’s behaviour. It explains View”, “Sexy Girls”, “Sexy Space” as application name etc), how malicious remote servers participate in the configuration Fortinet christened it Yxes, i.e.
    [Show full text]
  • MOBILE MALWARE EVOLUTION 2016 Contents the Year in Figures
    MOBILE MALWARE EVOLUTION 2016 Contents The year in figures ......................................................................................................................................... 2 Trends of the year .......................................................................................................................................... 2 Malicious programs using super-user rights ............................................................................................. 3 Cybercriminals continue their use of Google Play..................................................................................... 4 Bypassing Android’s protection mechanisms ............................................................................................ 6 Mobile ransomware................................................................................................................................... 7 A glance into the Dark Web. Contribution from INTERPOL’s Global Complex for Innovation. ..................... 8 Marketplaces ................................................................................................................................................. 8 Vendor shops, forums and social media ....................................................................................................... 9 Statistics ....................................................................................................................................................... 10 Geography of mobile threats ..................................................................................................................
    [Show full text]
  • Android Malware Category and Family Detection and Identification Using Machine Learning
    Android Malware Category and Family Detection and Identification using Machine Learning Ahmed Hashem El Fiky1*, Ayman El Shenawy1, 2, Mohamed Ashraf Madkour1 1 Systems and Computer Engineering Dept., Faculty of Engineering, Al-Azhar University, Cairo, Egypt. 1 Systems and Computer Engineering Dept., Faculty of Engineering, Al-Azhar University, Cairo, Egypt. 2 Software Engineering and Information Technology, Faculty of Engineering and Technology, Egyptian Chinese University, Cairo, Egypt. [email protected] [email protected] [email protected] Abstract: Android malware is one of the most dangerous threats on the internet, and it's been on the rise for several years. Despite significant efforts in detecting and classifying android malware from innocuous android applications, there is still a long way to go. As a result, there is a need to provide a basic understanding of the behavior displayed by the most common Android malware categories and families. Each Android malware family and category has a distinct objective. As a result, it has impacted every corporate area, including healthcare, banking, transportation, government, and e-commerce. In this paper, we presented two machine- learning approaches for Dynamic Analysis of Android Malware: one for detecting and identifying Android Malware Categories and the other for detecting and identifying Android Malware Families, which was accomplished by analyzing a massive malware dataset with 14 prominent malware categories and 180 prominent malware families of CCCS-CIC- AndMal2020 dataset on Dynamic Layers. Our approach achieves in Android Malware Category detection more than 96 % accurate and achieves in Android Malware Family detection more than 99% accurate. Our approach provides a method for high-accuracy Dynamic Analysis of Android Malware while also shortening the time required to analyze smartphone malware.
    [Show full text]
  • Containing Conficker to Tame a Malware
    &#4#5###4#(#%#5#6#%#5#&###,#'#(#7#5#+#&#8##9##:65#,-;/< Know Your Enemy: Containing Conficker To Tame A Malware The Honeynet Project http://honeynet.org Felix Leder, Tillmann Werner Last Modified: 30th March 2009 (rev1) The Conficker worm has infected several million computers since it first started spreading in late 2008 but attempts to mitigate Conficker have not yet proved very successful. In this paper we present several potential methods to repel Conficker. The approaches presented take advantage of the way Conficker patches infected systems, which can be used to remotely detect a compromised system. Furthermore, we demonstrate various methods to detect and remove Conficker locally and a potential vaccination tool is presented. Finally, the domain name generation mechanism for all three Conficker variants is discussed in detail and an overview of the potential for upcoming domain collisions in version .C is provided. Tools for all the ideas presented here are freely available for download from [9], including source code. !"#$%&'()*+&$(% The big years of wide-area network spreading worms were 2003 and 2004, the years of Blaster [1] and Sasser [2]. About four years later, in late 2008, we witnessed a similar worm that exploits the MS08-067 server service vulnerability in Windows [3]: Conficker. Like its forerunners, Conficker exploits a stack corruption vulnerability to introduce and execute shellcode on affected Windows systems, download a copy of itself, infect the host and continue spreading. SRI has published an excellent and detailed analysis of the malware [4]. The scope of this paper is different: we propose ideas on how to identify, mitigate and remove Conficker bots.
    [Show full text]
  • Contemporary Report
    . .......... Mobile Phone and Infrastructure Vulnerabilities Summary and Analysis of Disclosed Issues 2005-2006 Prasanna Kannan Nesret Krasniqi The Thesis comprises 30 ECTS credits and is a compulsory part in the Master of Science with a Major in Master’s Programme in Electrical Engineering with specialisation in Communication and Signalprocessing, 120 ECTS credits Nr 9/2007 Mobile Phone and Infrastructure Vulnerabilities 2005 & 2006 Mobile Phone and Infrastructure Vulnerabilities – summary and analysis of disclosed issues 2005 - 2006 Prasanna Kannan Nesret Krasniqi Master thesis Series and Number Communication and Signal Processing 9/2007 University College of Borås School of Engineering SE-501 90 BORÅS Telephone +46 033 435 4640 Examiner: Jim Arlebrink Supervisor: Lennart Damm Client: OnePutt Solutions, Uppsala, Sweden. Date: 2007-11-08 Keywords: Mobile vulnerabilities , symbian viruses 1 Mobile Phone and Infrastructure Vulnerabilities 2005 & 2006 TABLE OF CONTENTS Abstract………………………………………………………………………………………………………………………10 Introduction……………………………………………………………………………………………………………..........11 About this report…………………………………………………………………………………………………………….12 What is a mobile phone virus and how does it spread? .............. ……………………………………………………………………114 List of vulnerabilities addressed…………………………………………………………………………………………….13 Statistics diagrams for 2005 and 2006………………………………………………………………………………………14 Overview of vulnerability families…………………………………………………………………………………………..16 Analysis………………………………………………………………………………………………………………………26 1. Skulls.D vulnerability
    [Show full text]
  • Yet Another Symbian Vulnerability Update
    Edith Cowan University Research Online Australian Information Security Management Conference Conferences, Symposia and Campus Events 11-30-2010 Yet Another Symbian Vulnerability Update Nizam Uddin Bhuiyan Edith Cowan University Follow this and additional works at: https://ro.ecu.edu.au/ism Part of the Information Security Commons DOI: 10.4225/75/57b523eccd8ae 8th Australian Information Security Mangement Conference, Edith Cowan University, Perth Western Australia, 30th November 2010 This Conference Proceeding is posted at Research Online. https://ro.ecu.edu.au/ism/101 Proceedings of the 8th Australian Information Security Management Conference Yet Another Symbian Vulnerability Update Nizam Uddin Bhuiyan School of Computer and Security Science Edith Cowan University Perth, Western Australia [email protected] Abstract The more the mobile devices are approaching to advance their security, the numbers of vulnerabilities are also becoming more astonishing. The number of mobile phones including smart phones is rising vertically, and so has the amount of malware activity. This report documents the latest threats in Symbian mobile industry and analyses the consequence. In addition, it will suggest the possible solution that may help individuals to protect their device & ultimately maintain the privacy. Keywords Symbian, Nokia vulnerability, Nokia threats, Mobile threat, Symbian malware, Symbian virus, Cell security, Consequences and counter measure for mobile threats. BACKGROUND The popularity of mobile has reached to sky high regardless whether you receive a blank SMS frequently or your mobile keeps sending a SMS to strangers persistently without your knowledge. According to Goode Intelligence 2009 Mobile Security Survey, “In the last couple of years, the percentage of mobile messaging traffic (SMS/MMS/e-mail) that is defined as spam or malware has risen from approximately 2% to between 20% and 30% of total traffic” (Francis, 2010).
    [Show full text]