google

Saturday, December 27, 2008

Mobile hackers a growing menace - thehindubusinessline.com - 25 Dec 08

Pune, Dec. 25 With the rise in mobile usage for real world applications, the menace of hackers is also set to increase during 2009. According to latest reports, India added seven million GSM users in November 2008 and this is expected to reach 650 million by 2012.

In an e-mail interview to Business Line, Mr Shantanu Ghosh, Vice-President, India Operations, Symantec, said the menace is set to grow in 2009, primarily because more people are turning towards smart phones that run on operating systems.

“These phones have large amount of money and real world applications similar to a desktop or laptop. As mobile usage continues to grow, so will mobile virus attacks,” he said.

Expanded functions


He pointed out that during 2008 smart phones became the major computing platform. A study by Gartner Research showed that smart phones outshipped laptops in 2007 and analysts predict that one billion mobile devices will hit the market by end of 2011.

As these smart devices increasingly feature expanded bandwidth and functionality, they are being used more like a PC than a phone. Essentially, smart phones are now being used the same way as computers and are accessing the same information.

While the aim of attacks targeting mobile devices are similar to those targeting PCs – to obtain confidential information for financial gain – the propagation methods of smart phone attacks are specific to the mobile platform, said Mr Shantanu.

One type of attack involves use of SMS (text) messages. Since mobile users typically perceive text messages as being more personal than e-mail messages, they are more likely to trust them and act on them.

Other threats, such as snoopware, specifically leverage mobile device functionality, for example by using the phone’s camera to spy on the user, by disabling applications, or sending text messages from the phone without the user’s knowledge.

Symantec also observed viruses spread with Bluetooth transfers, game downloads, and updates to the phone’s system, ringtones, or alerts.

The latest and most sophisticated threats are known as “Pranking4Profit”, where the attack results in theft by accessing premium mobile SMS payments, he added.

Spam trouble


Mr Amit Nath, Country Manager, India and SAARC, Trend Micro, said globally, Mobile Secure Content Management was an estimated $221 million market in 2008. It is expected to grow to $313 million in 2009.

Spam does not spare mobile phones too. For instance, in March 2008, a massive spam attack hit nearly 200 million Chinese mobile phone users – approximately half of China’s total mobile population received unwanted text messages from seven online advertising firms.

Quoting an example, Mr Nath said in early 2008, a malware targeting Windows Mobile PocketPC was found. “Detected as WINCE_INFOJACK.A, this worm specifically runs on Windows CE environment, leaves the mobile phone open to other malware and installs unsigned applications without the user’s consent. It also steals information such as Mobile IMEI or serial number, OS version, model and platform and hosts name which it sends back to the malware author/s. Besides, the malware also changes the security settings of the affected phone,” he said. Mobile phones were infected when using an infected memory card or through SMS.

Mobile phones were infected when an infected memory card was used or through SMS.

According to him, 2009 would see more threats make money out of mobile technologies. As mobile phones and other handheld devices become more interconnected with their desktop counterparts, more threats to attempt to “cross over” multiple machines and devices via common application platforms (e.g., .NET, JAVA, etc.) are to be expected. Because the smart phones today run more like a regular PC, we need to treat them like regular PCs.

By R. Savitha

No comments: