How your phone is becoming the next battleground for attackers


The war against malware will increasingly be fought via mobile platforms in the next few years. So says Kevin McNamee, director of motive security at Alcatel-Lucent. McNamee spoke at the SecTor 2015 conference, presenting his view of emerging mobile malware threats.

It’s no wonder that attackers are moving increasingly into the mobile arena for malware attacks. After all, our mobile phones are perhaps our biggest repositories of personal data. They are with us all the time. Half of all traffic on the Internet is mobile, because that’s the way we browse, buy products, and communicate.

McNamee predicts that mobile spyware and ransomware will continue to grow, having already become clear and present dangers for mobile users. Mobile spyware is sold as a commercial product these days, while PowerOffHijack, a particularly devious piece of malware, is programmed to spy on victims even when their phones are off. Ransomware like Simplocker and Lockerpin are already hitting Android users in the wild.

These programs all attack Android, which is the most popular platform for attackers because the most people use it (84.7% of people as of November 2015).We caught up with McNamee for an in-depth interview on the increasing threat to our most treasured devices, which you can see here:

“People infect themselves, mainly,” pointed out McNamee, by downloading Trojan apps from third party app stores, of which there are more for Android devices. There have been some platform vulnerabilities too, though; the Stagefright bug let an attacker infect the machine with a text message and video attachment, meaning that a simple Google Hangouts message could compromise a machine, no third party app store or phone rooting required.

Patching these bugs is difficult, because there are multiple stakeholders involved. The operating system vendor can issue the patch, but then in Android’s case, the phone manufacturer has to deploy it, and then the phone carrier has to verify the upgrade. Things are getting better, said McNamee, but the process needs work.

Android is far from the only system at risk. iOS has its problems too. Most recently, an attacker in China managed to distribute illegitimate versions of XCode, the development environment used to produce iOS applications. This resulted in compromised versions of apps in the iTunes App Store.

As malware writers become more sophisticated, expect to see new threats emerging, argued McNamee. Malware designed to send phone spam will become more of a problem, he predicted, as may the mobile payment systems currently in deployment. Indeed attacks on NFC-based payment systems have already been proven.

Check out McNamee’s SecTor 2015 talk here:


Bookmark and Share