Mobile networks infected by Windows and PC devices
Security threats on mobile networks are increasingly coming from personal computers and laptops, according to new research from Alcatel-Lucent, which attributes an increase in mobile malware to Windows/PC devices.
The research also found a significant increase in the number of ‘spyphone’ apps being detected on both Android and iOS mobile devices.
The Motive® Security Labs H1 2015 Malware Report examines general trends and statistics for malware infections in devices connected through mobile and fixed networks.
In the first half of 2015 report, Alcatel-Lucent estimates that 80% of malware infections detected on mobile networks have been traced to
Windows-based computers and laptops. This finding represents a significant change from 2013 and 2014 when the source of mobile network infections were roughly split 50:50 between Android and Windows-supported devices.
Alcatel-Lucent says PCs and laptops are the favourite targets of hardcore professional cybercriminals who have invested heavily in the Windows malware ecosystem. Their contribution to the infection rate on the mobile network has significantly increased as mobile networks are increasingly used as the primary way to access the internet, the company says.
The report found that cybercriminals are quickly taking advantage of unique opportunities in the mobile ecosystem to spread spyware. According to the figures, 10 of the 25 most prolific threats on smartphones are in the mobile spyware category and are often delivered bundled with games and free software.
Alcatel-Lucent says these sophisticated spyware apps enable the remote tracking of a phone owner’s movements as well as the monitoring of phone calls, text messages, e-mails and browsing habits.
While tracking applications can be used for legitimate purposes, such as a parent keeping track of their children, there are also far more sinister uses for these types of applications, the company says.
“The modern smartphone also presents the perfect platform for corporate and personal espionage, information theft, denial of service attacks on businesses and governments, and banking and advertising scams,” says Patrick Tan, general manager of Network Intelligence at Alcatel-Lucent.
“It can be used simply as a tool to photograph, film, record audio, scan networks and immediately transmit results to a safe site for analysis,” he explains.
“That’s why Alcatel-Lucent favours a network-based security solution that detects malware before it can do any damage.”
Tan says adware has also been on the increase in 2015 with ads becoming more sinister.
One identified by Motive is BetterSurf, a moderate-threat Windows Adware contained within software bundles offering free applications or games. When installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages. While it looks like run-of-the-mill adware, the ads themselves are very dangerous. Many are phishing attempts to install additional malware and engage in fraudulent activity. In examining the top 25 threats to mobile devices, the report concluded that the main threats are currently: • Spyphone apps that track calls, text messages, location, e-mail and browsing; • ‘Scareware’ apps that try to extort money by claiming to have encrypted the phone’s data; • Identity theft apps that steal personal information from the device; • Banking ‘Trojans’ that attempt to steal banking credentials and credit card numbers; • SMS Trojans that make a living by sending text messages to ‘premium’ numbers; • Malicious adware that uses personal information, without consent, to deliver annoying targeted ads. • A proxy app allowing hackers to anonymously browse the web through an infected phone - at the owner’s expense.
The report also highlights one of the most talked about potential threats of 2015 so far: Stagefright. This is a series of vulnerabilities in
Android’s media display software which gives attackers complete control of a phone by simply sending it an MMS message with a specially crafted media attachment. When the message is received, the Android operating system automatically tries to open the attachment, infecting the device as it does without any interaction from the user. Furthermore, it is estimated that the Stagefright vulnerability could affect almost 1 billion devices. So far there is no known malware that actively exploits the Stagefright vulnerability, but the report highlights that it is an example of how sophisticated threats to mobile networks are becoming, and illustrates the need for network-based security systems by service providers.