Story image

Mobile networks infected by Windows and PC devices

21 Sep 2015

Security threats on mobile networks are increasingly coming from personal computers and laptops, according to new research from Alcatel-Lucent, which attributes an increase in mobile malware to Windows/PC devices.

The research also found a significant increase in the number of ‘spyphone’ apps being detected on both Android and iOS mobile devices. 

The Motive® Security Labs H1 2015 Malware Report examines general trends and statistics for malware infections in devices connected through mobile and fixed networks. 

In the first half of 2015 report, Alcatel-Lucent estimates that 80% of malware infections detected on mobile networks have been traced to

Windows-based computers and laptops. This finding represents a significant change from 2013 and 2014 when the source of mobile network infections were roughly split 50:50 between Android and Windows-supported devices.  

Alcatel-Lucent says PCs and laptops are the favourite targets of hardcore professional cybercriminals who have invested heavily in the Windows malware ecosystem. Their contribution to the infection rate on the mobile network has significantly increased as mobile networks are increasingly used as the primary way to access the internet, the company says.

The report found that cybercriminals are quickly taking advantage of unique opportunities in the mobile ecosystem to spread spyware. According to the figures, 10 of the 25 most prolific threats on smartphones are in the mobile spyware category and are often delivered bundled with games and free software. 

Alcatel-Lucent says these sophisticated spyware apps enable the remote tracking of a phone owner’s movements as well as the monitoring of phone calls, text messages, e-mails and browsing habits.  

While tracking applications can be used for legitimate purposes, such as a parent keeping track of their children, there are also far more sinister uses for these types of applications, the company says.

“The modern smartphone also presents the perfect platform for corporate and personal espionage, information theft, denial of service attacks on businesses and governments, and banking and advertising scams,” says Patrick Tan, general manager of Network Intelligence at Alcatel-Lucent.

“It can be used simply as a tool to photograph, film, record audio, scan networks and immediately transmit results to a safe site for analysis,” he explains. 

“That’s why Alcatel-Lucent favours a network-based security solution that detects malware before it can do any damage.”

Tan says adware has also been on the increase in 2015 with ads becoming more sinister. 

One identified by Motive is BetterSurf, a moderate-threat Windows Adware contained within software bundles offering free applications or games. When installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages. While it looks like run-of-the-mill adware, the ads themselves are very dangerous. Many are phishing attempts to install additional malware and engage in fraudulent activity. 
In examining the top 25 threats to mobile devices, the report concluded that the main threats are currently: 
•    Spyphone apps that track calls, text messages, location, e-mail and browsing; 
•    ‘Scareware’ apps that try to extort money by claiming to have encrypted the phone’s data;
•    Identity theft apps that steal personal information from the device;
•    Banking ‘Trojans’ that attempt to steal banking credentials and credit card numbers;   
•    SMS Trojans that make a living by sending text messages to ‘premium’ numbers;
•    Malicious adware that uses personal information, without consent, to deliver annoying targeted ads.
•    A proxy app allowing hackers to anonymously browse the web through an infected phone - at the owner’s expense.

The report also highlights one of the most talked about potential threats of 2015 so far: Stagefright. This is a series of vulnerabilities in

Android’s media display software which gives attackers complete control of a phone by simply sending it an MMS message with a specially crafted media attachment.  When the message is received, the Android operating system automatically tries to open the attachment, infecting the device as it does without any interaction from the user. Furthermore, it is estimated that the Stagefright vulnerability could affect almost 1 billion devices.
So far there is no known malware that actively exploits the Stagefright vulnerability, but the report highlights that it is an example of how sophisticated threats to mobile networks are becoming, and illustrates the need for network-based security systems by service providers.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.