Mobile malware is ten years old today

This is one birthday users of modern mobile phones and tablets would rather forget.

 

Cabir, the world's first mobile malware, first infected Nokia Series 60 phones running the Symbian operating system by spreading itself via Bluetooth in 2004.

 

Since then, the number of mobile malware had exploded, with security vendor Fortinet expecting the Internet of Things to be the "next big thing" for the cybercriminal.

 

"(W)ith the explosion of smartphones and other mobile technologies, a reasonable prediction is the convergence of mobile and PC malware. As everything becomes 'mobile,' all malware will then be 'mobile,'” it said.

 

It added malware would then likely go beyond mobile devices, and may target the Internet of Things (IoT), or devices that can connect to  the Internet.

 

"While extremely difficult to forecast the number of connected objects on the market in the next five years, Gartner estimates 30 billion objects will be connected in 2020, while IDC estimates that market to be 212 billion. More and more manufacturers and service providers are capitalizing on the business opportunity presented by these objects, but it’s reasonable to assume that security has not yet been taken into account in the development process of these new products," it said.

 

Fortinet also noted that in 2013, its FortiGuard Labs had seen more than 1,300 new malicious applications per day and is now 

tracking more than 300 Android malware families and more than 400,000 malicious Android applications.

 

Such malware now have capabilities such as geo-location, microphones, embedded GPS and cameras, "all of which enable a particularly intrusive level of spying on their owners."

 

After 2004, mobile malware evolved to spread itself through MMS via CommWarrior, which was discovered in 2005.

 

"The virus, which also targeted the Symbian 60 platform, has been reported in more than 18 countries across Europe, Asia and North America. Altogether, the mobile worm infected more than 115,000 mobile devices and sent more than 450,000 MMS messages without the victims’ knowledge, illuminating for the first time that a mobile worm could propagate as quickly as a PC worm," Fortinet said.

 

In 2007 and 2008, there was an "increase in the number of malware that accessed premium rate services without the device owner’s" knowledge, Fortinet said.

 

In 2009, Fortinet discovered Yxes (an anagram of ”Sexy”), a botnet malware behind the seemingly legitimate ”Sexy View” application.

 

Yxes forwards the infected phone's address book to a central server, which then forwards a SMS containing a URL to each 

of the contacts.

 

"Yxes also had the distinction of being a Symbian certified 

application, which took advantage of a quirk within the Symbian ecosystem that allowed developers to 'sign off' applications themselves," it noted.

 

Industrial age

 

Fortinet said 2010 was the Industrial Age of mobile malware with its transition from geographically localized to large-scale, organized cybercriminals operating worldwide.

 

It said 2010 also saw the introduction of the first mobile 

malware derived from PC malware - Zitmo, a banking Trojan developed for the PC world.

 

"Working in conjunction with Zeus, Zitmo is leveraged by cybercriminals to bypass the use of SMS messages in online banking transactions, thus circumventing the security process," it said.

 

Ransomware

 

In 2013, cybercriminals came up with FakeDefend, the first 

ransomware for Android mobile phones.

 

"Disguised as an antivirus, this malware works in a similar way to the fake antivirus on PCs. It locks the phone and requires the victim to pay a ransom (in the form of an exorbitantly high antivirus subscription fee, in this case) in order to retrieve the contents of the device," it said.

 

Yet, it said paying ransom does nothing to repair the phone, which must be reset to factory settings.

 

Also in 2013, Chuli appeared, marking the first targeted attack on the Android platform.

 

“2013 can be considered the year mobile attacks 'turned pro.' Increasingly targeted and sophisticated, malware like FakeDefend or Chuli are examples of attacks comparable to those we know of today in the PC world," said Axelle Apvrille, senior mobile anti-virus researcher with Fortinet’s FortiGuard Labs. — TJD, GMA News