Mobile malware explained

Mobile malware is malicious software that targets mobile phones or wireless-enabled Personal digital assistants (PDA), by causing the collapse of the system and loss or leakage of confidential information. As wireless phones and PDA networks have become more and more common and have grown in complexity, it has become increasingly difficult to ensure their safety and security against electronic attacks in the form of viruses or other malware.[1]

History

The first known virus that affected mobiles, "Timofonica", originated in Spain and was identified by antivirus labs in Russia and Finland in June 2000. "Timofonica" sent SMS messages to GSM-capable mobile phones that read (in Spanish) "Information for you: Telefónica is fooling you." These messages were sent through the Internet SMS gateway of the MoviStar mobile operator. "Timofonica" ran on PCs and did not run on mobile devices so was not a true mobile malware[2]

In June 2004, it was discovered that a company called Ojam had engineered an anti-piracy Trojan hack in older versions of its mobile phone game, Mosquito. This sent SMS texts to the company without the user's knowledge.

In July 2004, computer hobbyists released a proof-of-concept virus Cabir, that infects mobile phones running the Symbian operating system, spreading via Bluetooth wireless.[3] [4] This was the first true mobile malware[5]

In March 2005, it was reported that a computer worm called Commwarrior-A had been infecting Symbian series 60 mobile phones.[6] This specific worm replicated itself through the phone's Multimedia Messaging Service (MMS), sending copies to contacts listed in the phone user's address book.

In August 2010, Kaspersky Lab reported the trojan Trojan-SMS.AndroidOS.FakePlayer.a.[7] This was the first SMS malware that affected Google's Android operating system,[8] and which sent SMS messages to premium rate numbers without the owner's knowledge, accumulating huge bills.[9]

Currently, various antivirus software companies offer mobile antivirus software programs. Meanwhile, operating system developers try to curb the spread of infections with quality control checks on software and content offered through their digital application distribution platforms, such as Google Play or Apple's App Store. Recent studies however show that mobile antivirus programs are ineffective due to the rapid evolution of mobile malware.[10]

In recent years, deep learning algorithms have also been adopted for mobile malware detection.[11]

Taxonomy

Many types of common malicious programs are known to affect mobile devices:

The main objective of this stand-alone type of malware is to endlessly reproduce itself and spread to other devices. Worms may also contain harmful and misleading instructions. Mobile worms may be transmitted via text messages SMS or MMS and typically do not require user interaction for execution.[12]

Unlike worms, a Trojan horse always requires user interaction to be activated. This kind of virus is usually inserted into seemingly attractive and non-malicious executable files or applications that are downloaded to the device and executed by the user. Once activated, the malware can cause serious damage by infecting and deactivating other applications or the phone itself, rendering it paralyzed after a certain period of time or a certain number of operations. Usurpation data (spyware) synchronizes with calendars, email accounts, notes, and any other source of information before it is sent to a remote server.In fact, with increase in creation of viruses & malwares like Trojan Horse, the camera crashing or camfecting issues are becoming quite common.[13]

This malware poses a threat to mobile devices by collecting, using, and illegally spreading a user's personal or sensitive information without the user's consent or knowledge. It is mostly classified into four categories: system monitors, trojans, adware, and tracking cookies.[14]

Covert method of bypassing security restrictions to gain unauthorized access to a computer system. In simpler words, a backdoor is a piece of code that allows others to go in and out of a system without being detected.[15]

A malware designed to secretly install other programs on a device, unbeknownst to the user. These could include other malicious programs or benign applications that the attacker is interested in spreading (often for financial gain in a [malvertising] campaign).

Notable mobile malicious programs

A trojan developed for an Android platform that propagates by installing applications that incorporate a hidden malware for installation in the background. It exploits the frailty in the version Gingerbread (2.3) of the operating system to use super-user permissions by privileged escalation. It then creates a service that steals information from infected terminals (user ID, number SIM, phone number, IMEI, IMSI, screen resolution and local time) by sending it to a remote server through petitions HTTP.

A trojan content in Android applications, which when executed, obtains root privileges and installs the file com.google. ssearch.apk, which contains a back door that allows files to be removed, open home pages to be supplied, and 'open web and download and install' application packages. This virus collects and sends to a remote server all available data on the terminal.

The first worm known for iOS platforms, identified in 2009.[27] It only works on terminals that were previously made a process of jailbreak, and spreads by trying to access other devices using the SSH protocol, first through the subnet that is connected to the device. Then, it repeats the process generating a random range and finally uses some preset ranges corresponding to the IP address of certain telephone companies. Once the computer is infected, the wallpaper is replaced by a photograph of the singer Rick Astley, a reference to the Rickroll phenomenon.

adware serving malware able to root Android devices.

This spyware was identified in August 2016. It exploited three previously undisclosed vulnerabilities in iOS, which when combined allowed for a remote jailbreak of an iOS device, something which had not been seen before for iOS devices in the wild.[32] Once installed, the spyware was capable of many features including logging encrypted messages, activating the phone microphone and secretly tracking phone movements. It was first identified for iOS platforms,[33] before being later identified for Android devices.[34]

See also

References

  1. Book: Mobile malware attacks and defense. 2009. Syngress/Elsevier. Dunham, Ken.. 9780080949192. Burlington, MA. 318353699.
  2. News: Mobile Phones Swamped by E-Mail Virus. ecommercetimes.com. 7 June 2000.
  3. http://www.cs.virginia.edu/robins/Malware_Goes_Mobile.pdf Malware Goes Mobile
  4. Book: Richard Hantula. How Do Cell Phones Work?. 2009. Infobase Publishing. 978-1-4381-2805-4. 27.
  5. Web site: 10 years since the first smartphone malware – to the day.. 2021-07-28. eugene.kaspersky.com.
  6. http://www.infoplease.com/ipa/A0872842.html Computer Virus Timeline
  7. http://www.2-remove-virus.com/police-or-fbi-virus-from-android-phone Android Virus
  8. Web site: Information about Smartphone Virus and Prevention tips . MyPhoneFactor.in . 2013-01-12.
  9. Web site: First SMS Trojan detected for smartphones running Android . Kaspersky Lab . 2010-10-18.
  10. Suarez-Tangil. Guillermo. Juan E. Tapiador. Pedro Peris-Lopez. Arturo Ribagorda. Evolution, Detection and Analysis of Malware in Smart Devices. IEEE Communications Surveys & Tutorials. 2014. 16. 2. 961–987. 10.1109/SURV.2013.101613.00077. 5627271. 2013-11-11. https://web.archive.org/web/20171031165855/http://www.seg.inf.uc3m.es/~guillermo-suarez-tangil/papers/2013cst-ieee.pdf. 2017-10-31. dead.
  11. Catal . Cagatay . 2022 . Applications of deep learning for mobile malware detection : A systematic literature review . EBSCOhost Military and Government Collection . 34 . 2 . 1007–1032.
  12. Web site: How to Remove an Android Virus . 2019-03-24. Latest Gadget . en-US. 2019-07-15.
  13. Web site: The Ultimate Guide to iPhone Repair: Common Problems and Fixes . 27 March 2023 .
  14. Web site: 2023-04-26 . How to Track Phone Silently [2023 Guide] - Techie Maish ]. 2023-05-16 . en-US.
  15. Web site: What Is A Backdoor and How to Protect Against It Safety Detective. Safety Detective. en-US . 2018-11-22.
  16. Web site: Toulas . Bill . New Android malware on Google Play installed 3 million times . Bleeping Computer . 13 July 2022.
  17. Web site: Mathur . Chandraveer . 2022-07-08 . Security researchers warn of Joker malware's resurgence in Play Store apps . 2022-07-14 . Android Police . en-US.
  18. Web site: Meet FlexiSpy, The Company Getting Rich Selling 'Stalkerware' to Jealous Lovers. 2021-07-28. www.vice.com. en.
  19. Web site: Gohring. Nancy. 2006-03-31. Spy software company argues product isn't a Trojan. 2021-07-28. Computerworld. en.
  20. Web site: Stalking Stalkerware: A Deep Dive Into FlexiSPY. 20 December 2019 .
  21. Web site: 2018-02-09. Top 10 Monitoring Features From FlexiSPY. 2021-07-28. FlexiSPY Blog. en-US.
  22. Web site: Mobile Malware Evolution: An Overview, Part 3. 2021-07-28. securelist.com.
  23. Web site: Singh. Rishi. 2009-05-11. NT fortifying against SMS virus. 2021-07-28. The Himalayan Times. en.
  24. Web site: SMS Virus Spreading All Over - Get Full Info. • TechSansar.com. 2021-07-28. en-US.
  25. Web site: Network Protection in the Middle East. https://web.archive.org/web/20170929134512/https://www.adaptivemobile.com/downloads/casestudies/AdaptiveMobile_Case_Study_SMS-MMS_150915.pdf. 2017-09-29. live.
  26. Web site: ZeuS-in-the-Mobile – Facts and Theories. 2021-04-19. securelist.com.
  27. Web site: 2009-11-08. First iPhone worm discovered – ikee changes wallpaper to Rick Astley photo. 2021-07-28. Naked Security. en-US.
  28. Web site: Kovacs. Eduard. Samsapo Android Malware Spreads like a Computer Worm. 2021-07-28. softpedia. 2 May 2014 . en.
  29. Web site: 2014-04-30. Android malware worm catches unwary users. 2021-07-28. WeLiveSecurity. en-US.
  30. Web site: Mobile virus hack Google Play user on Brazil.
  31. Web site: HummingBad malware infects 10m Android devices . 2016-07-06. Samuel Gibbs. . 6 July 2016 .
  32. Web site: Brandom. Russell. 2016-08-25. A serious attack on the iPhone was just seen in use for the first time. 2021-04-22. The Verge. en.
  33. 2016-08-24. The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender. 2021-04-22. The Citizen Lab. en-US . Marczak . Bill . Scott-Railton . John .
  34. Web site: Pegasus for Android: the other side of the story emerges. 2021-04-22. blog.lookout.com. en-us.