
Hardware 2.0

Adrian Kingsley-Hughes

Report: Mobile malware to affect more than 1 in 20 devices within 12 to 24 months

By Adrian Kingsley-Hughes | July 12, 2011, 5:40am PDT

Within 12 to 24 months over 1 in 20 (5.6%) of all Android phones and iPads/iPhones could become infected with mobile malware if fraudsters start to integrate zero-day vulnerabilities into leading exploit kits, claims security firm Trusteer.

According to the company, Google’s Android platform is a ‘fraudster’s heaven’ because the “security architecture is not currently up to the challenge” given the “ease of generating powerful fraudulent applications and the ease of distributing these applications.” Also highlighted is the fact that there are no effective controls over the app submission process and that this allows malware into the Android Market.

Here’s the killer quote:

“Compared to Apple’s App Store, Android Market is the Wild West. You can’t always trust applications you download from it.”

Apple and iOS don’t escape criticism either. While Trusteer admits that Apple’s App Store is far more secure than Android Market because of the strict controls placed on apps and the manual review process, jailbreaking represents a real threat, and vulnerabilities that allow for jailbreaking over the web could present a serious problem.

“JailbreakMe.com published an exploit which allows the automated jailbreaking of iOS devices from a specially created Web site. PDF files that exploit this vulnerability are reportedly publicly available. Even clicking a crafted PDF document or surfing to a website with the PDF documents are sufficient to infect the mobile device with malware.”

Trusteer also offers up a four-point set of recommendations for secure mobile banking, which I think is worth repeating here:

  1. Check rating, user reviews, and comments for each mobile application you download. Avoid low-rated, new applications and those with bad reviews.
  2. Carefully review the permissions requested by Android applications when you install them. Applications that ask for access to text messages and other sensitive information should raise a red flag and be further researched before you download them.
  3. Have your PC protected with online banking security software such as Trusteer Rapport, which you can download from your bank’s website. This software can break MitMo attacks by not allowing fraudsters control of the web channel.
  4. Regularly install updates for your mobile device.

Is this crying wolf, or is there a serious threat out there? Whatever you do, take care out there!


Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

13 Comments

Android is a terrible choice for the normal consumer, only geeks should be permitted to purchase the dangerous devices.
@LP212 If you're not sharp enough to avoid malware on Android, then heck - just use the stock Android experiences - they've got most of what you need covered. Don't go to the store if you're terrified of being mugged.
0 Votes
slight modification needed...
i8thecat3 12th Jul
@spark555

If you're not sharp enough to avoid Android, then heck - you deserve malware... The roid store should be safe... "Should" being the key word... But Google cares as much about customer safety as they do about customer privacy... Not at all.
0 Votes
Silly
cramleir 12th Jul
Should we blame Microsoft that you can download potentially dangerous files from the internet? The fact of the matter is that any OS will have exploits written, and there is nothing anyone can do about it.
@cramleir The difference here is the apps are from Google's Android Marketplace - not some random little corner of the web. "Normal" users aren't used to this being a risk.

So while I see where you're coming from, "normal" users won't see it this way - and I think their view is reasonable.
People are buying these handsets because of hype. But its demise will be arriving sooner than expected. Android has no patents and is created using stolen code and IP because of Google greed. That idiot Schmidt was sitting on Apple's board, and he has bribed a lot of politicians and officials worldwide. With the Nortel patents given to Apple/MS/Sony/RIM/Ericsson, the legal noose is tightening. And then there is Java. Soon it will cost the OEM $100, just for paying royalties. Google should be taught a lesson for its evil/fraud ways of doing business.
0 Votes
Is this a drive by that can totally own my iPhone with no interaction required from me?
0 Votes
Simple precautions
keebaud@... 12th Jul
@toddybottom Don't open emails you're not expecting, be careful what websites you visit, and apply any iOS updates that Apple supply. Oh, and for added security don't jailbreak your phone.
Oh, and some user interaction is still required. You still need to visit the site hosting the PDF. It's not like this vulnerability can attack the phone whilst it's sitting in your pocket.
0 Votes
Thank you
toddybottom 12th Jul
@keebaud@...
I will be very careful what websites I browse to and what emails I open with my iPhone. Too bad, I was led to believe that iPhone could be used without any worries.

By user interaction, I meant something out of the ordinary. A device that is only safe when it isn't being used isn't a useful device.
@toddybottom
Yes, it is, it's a drive by exploit, the best thing to do right now is jailbreak it at jailbreakme.com and then install Cydia PDF patch...right now that's the only patch until Apple publishes one of their own.
0 Votes
Nos. 5 and 6 (for online banking)
Rabid Howler Monkey 12th Jul
5. Don't use the device's default web browser for anything.

Download and install a 3rd party web browser and use it only for online banking.

Download and install a 2nd 3rd party web browser and use it for everything else.

6. Don't allow anyone else to use your device. Period.
I'm really not worried about malware because I'm really careful and I'm a tech so I know what to look for. The thing I hate is buying and/or installing an app and having it no longer work like TV Shows Stream. I really liked that app and now it's gone.