Mobile malware has gone from an afterthought to a serious issue for smartphone and tablet users seemingly overnight. More savvy consumers have known about the threats presented by mobile malware for quite some time, but even they don’t always protect themselves against various threats. Malware targeting smartphones and tablets is getting more sophisticated, as we saw recently when a researcher created screenlogging software capable of tracking your touchscreen swipes in order to steal PIN numbers, user names, passwords, credit card numbers and anything else you might type into your phone. Now, a new study shows us why smartphone and tablet users need to start taking mobile malware more seriously. More →
Smartphone malware is on the rise and with 99% of known malware targeting Google’s Android platform — which is also the most popular mobile platform in the world by a tremendous margin — users must start making an effort to protect themselves against various threats. The latest example of the terrifying possibilities out there comes from Trustwave security researcher Neal Hindocha, who built a proof-of-concept that could be one of the most troubling examples of smartphone malware we’ve seen to date. More →
Long before we knew the NSA was monitoring our every move, the constant threat of getting a virus was the primary concern for most Internet users. Viruses are still a major problem for many people, and the United States is host to a ridiculous 44% of the malware online today according to Solutionary. In fact, the U.S. hosts five times the amount of malware as the next leading offender, Germany. Cybercriminals are making use of some of the most popular cloud service to proliferate their malware. More →
Hackers in Europe managed to target several cash machines from an unnamed bank earlier last year by infecting them with malware from USB drives, BBC News reports. The researchers who discovered the hack detailed their findings at the Chaos Computing Congress in Hamburg, Germany recently. According to their report, the ATM thefts were discovered in July after a bank noticed how its machines were emptied of cash even though the cash should have been protected inside safes. The bank then discovered how criminals were cutting holes into ATMs in order to transfer malware from the USB to the ATM. Once the data transfer was complete, the holes would be patched up to conceal the attack. More →
Andrew “bunnie” Huang and Sean “xobs” Cross have discovered a way to hack even the small microSD cards that go inside current smartphones and tablets to increase their storage, as well as other flash-based memory solutions, presenting their findings at the Chaos Computer Congress (30C3). In a detailed blog post on bunnie:studios, Huang explained how the hack works, and why many flash cards are susceptible to being hacked and used for malicious purposes by people who are aware of this particular potentially serious security vulnerability. More →
New light has been shed on the extensive scope of the National Security Agency’s spying operations yet again in a couple of reports from German publication Der Spiegel, which reveal various new “features” of the covert intelligence operations conducted by the NSA’s “geek” armies. The agency will apparently pull out all the stops in order to get to the information it seeks, even if that means intercepting shipping of computers purchased online by targets in order to infect them with spyware, or replace components with its own malware-installed hardware. More →
Computer scientists have developed an audio malware prototype that’s capable of establishing communication between devices that do not have an active network connection, Ars Technica reports. Instead, the lab-created malware uses the built-in microphones and speakers to send out a high-frequency signal from an infected computer to a different source. While it has limited use and can only send 20 bits of data per second to up to 65 feet the audio malware concept can still be used to send out significant data, including user and passwords for certain systems. Additionally, the distance can be increased by adding more attacker-controlled devices to repeat the audio signal.
If you’ve never encountered ransomware, consider yourself lucky. Ransomware is malware that completely locks down your computer and threatens to corrupt or destroy your files unless you pay a fine. In the past, there have been relatively simple workarounds to remove ransomware from your computer, but Ars Technica shares the stories of those who came face to face with CryptoLocker, an especially persistent piece of ransomware that demands affected users pay a $300 fee if they ever want to see their files again. More →
Despite some security improvements in recent releases, Android continues to have a major malware problem. The United States Department of Homeland Security has issued a report this summer outlining the threat that malware poses to emergency responders and security personnel who may find their Android devices compromised if they don’t take the proper precautions. The report says that devices that are still running on Android 2.3 Gingerbread are particularly vulnerable to attacks and that users should make sure they have devices with the latest versions of Android installed. The department also recommends that users install at least one Android mobile security suite as well as the Carrier IQ Test app to weed out malicious software.
As the prevalence of Android malware grows, its sophistication is naturally growing as well. Kaspersky researcher Roman Unuchek writes that he and his team recently stumbled upon a new Android Trojan that he calls the most sophisticated one he’s ever seen. What makes this Trojan, dubbed “Backdoor.AndroidOS.Obad.a,” so bad? Unuchek says that it’s a “multi-functional Trojan” capable of “sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console.” More →
One downside of shifting to a post-PC world is the inevitable development and refinement of post-PC malware. Technology Review this week spoke with security researchers who say that they’re seeing an upgrade in both the quantity and sophistication of mobile malware attacks as hackers try to create a winning formula for distributing malware to mobile devices. At the moment, the researchers say that cybercriminals are experimenting with injecting malware into popular mobile websites and quietly installing it onto users’ devices whenever they visit compromised pages.
The latest numbers from Google (GOOG) reveal that Gingerbread was still the most widely used version of the Android platform as of October. The two-year old operating system is powering more than 50% of all Android devices in use and because of that, it is being targeted with malware more than any other mobile platform. According to a report from Kaspersky Lab, Android 2.3.6 Gingerbread accounted for 28% of all blocked malware attempts in the third quarter of 2012, while Ice Cream Sandwich accounted for 22% of blocked attempts. More →
If your sweet old grandmother sends you an email threatening to slit your throat, don’t worry: It’s just the malware talking. NBC’s TechNewsDaily reports that there’s a new strain of malware going around in Japan that takes control of users’ email accounts and uses them to send out death threats to a variety of targets. In fact, the malware is apparently so convincing that three people in Japan so far have been arrested because their email accounts have sent out death threats they didn’t write. More →