sb-nz logo
Story image

Mobile networks infected by Windows and PC devices

Security threats on mobile networks are increasingly coming from personal computers and laptops, according to new research from Alcatel-Lucent, which attributes an increase in mobile malware to Windows/PC devices.

The research also found a significant increase in the number of ‘spyphone’ apps being detected on both Android and iOS mobile devices. 

The Motive® Security Labs H1 2015 Malware Report examines general trends and statistics for malware infections in devices connected through mobile and fixed networks. 

In the first half of 2015 report, Alcatel-Lucent estimates that 80% of malware infections detected on mobile networks have been traced to

Windows-based computers and laptops. This finding represents a significant change from 2013 and 2014 when the source of mobile network infections were roughly split 50:50 between Android and Windows-supported devices.  

Alcatel-Lucent says PCs and laptops are the favourite targets of hardcore professional cybercriminals who have invested heavily in the Windows malware ecosystem. Their contribution to the infection rate on the mobile network has significantly increased as mobile networks are increasingly used as the primary way to access the internet, the company says.

The report found that cybercriminals are quickly taking advantage of unique opportunities in the mobile ecosystem to spread spyware. According to the figures, 10 of the 25 most prolific threats on smartphones are in the mobile spyware category and are often delivered bundled with games and free software. 

Alcatel-Lucent says these sophisticated spyware apps enable the remote tracking of a phone owner’s movements as well as the monitoring of phone calls, text messages, e-mails and browsing habits.  

While tracking applications can be used for legitimate purposes, such as a parent keeping track of their children, there are also far more sinister uses for these types of applications, the company says.

“The modern smartphone also presents the perfect platform for corporate and personal espionage, information theft, denial of service attacks on businesses and governments, and banking and advertising scams,” says Patrick Tan, general manager of Network Intelligence at Alcatel-Lucent.

“It can be used simply as a tool to photograph, film, record audio, scan networks and immediately transmit results to a safe site for analysis,” he explains. 

“That’s why Alcatel-Lucent favours a network-based security solution that detects malware before it can do any damage.”

Tan says adware has also been on the increase in 2015 with ads becoming more sinister. 

One identified by Motive is BetterSurf, a moderate-threat Windows Adware contained within software bundles offering free applications or games. When installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages. While it looks like run-of-the-mill adware, the ads themselves are very dangerous. Many are phishing attempts to install additional malware and engage in fraudulent activity.    In examining the top 25 threats to mobile devices, the report concluded that the main threats are currently:    •    Spyphone apps that track calls, text messages, location, e-mail and browsing;  •    ‘Scareware’ apps that try to extort money by claiming to have encrypted the phone’s data; •    Identity theft apps that steal personal information from the device; •    Banking ‘Trojans’ that attempt to steal banking credentials and credit card numbers;    •    SMS Trojans that make a living by sending text messages to ‘premium’ numbers; •    Malicious adware that uses personal information, without consent, to deliver annoying targeted ads. •    A proxy app allowing hackers to anonymously browse the web through an infected phone - at the owner’s expense.

The report also highlights one of the most talked about potential threats of 2015 so far: Stagefright. This is a series of vulnerabilities in

Android’s media display software which gives attackers complete control of a phone by simply sending it an MMS message with a specially crafted media attachment.  When the message is received, the Android operating system automatically tries to open the attachment, infecting the device as it does without any interaction from the user. Furthermore, it is estimated that the Stagefright vulnerability could affect almost 1 billion devices.   So far there is no known malware that actively exploits the Stagefright vulnerability, but the report highlights that it is an example of how sophisticated threats to mobile networks are becoming, and illustrates the need for network-based security systems by service providers.  

Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Story image
Tesserent to acquire Secure Logic's managed security services business
Secure Logic delivered an audited turnover of $9 million in FY 2020 and a $4.2 million EBITDA, with reportedly ‘strong’ earnings going into FY 2021.More
Story image
The mirrored world: Digital twins redefine business intelligence
The world’s most visionary leaders will use technology to master change and shape the future.More
Story image
ESET reveals APT groups exploiting Microsoft Exchange vulnerabilities
A number of advanced persistent threat (APT) groups are exploiting the latest Microsoft Exchange vulnerabilities, according to new ESET research.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More