By Dan Kaplan on Nov 1, 2011

Sometimes, the forecasters guess correctly. That appears to be the case with the myriad statements entering 2010 and 2011 that forecasted a precipitous rise in malware targeting mobile devices.

According to a McAfee report released in February, the number of new mobile malware variants totalled 55,000 last year, a rather large spike of 46 percent compared to 2009. Clearly, the threat landscape has come a long way since 2004, when the first-ever malware for the mobile phone, known as Cabir, was sent to a number of anti-virus firms for inspection. The worm, written for Symbian feature phones, was merely an innocuous proof-of-concept – it was designed to display the word “Caribe” on the phone’s display and spread to other devices using Bluetooth signals – but its arrival certainly proved prescient.

A couple of years later, in 2006, Kaspersky Lab identified what it called the first piece of mobile malware designed to steal money – a virus that targets devices running Java. Dubbed RedBrowser, the virus sent text messages to premium-rate numbers without the user even realising it.

Fast forward to 2011 and it appears the tipping point is near. According to Nielsen, the number of smart phones in the United States, such as the iPhone, BlackBerry and Android, is expected this year to overtake the number of feature phones. This steady ascension, from handhelds that provide few capabilities beyond calling and texting to phones with functionality that resembles a traditional computer, has of course piqued the interest of the malware community.

After years of test runs that largely affected mobile phone users overseas, cyber criminals are now rolling up their sleeves and readying their wares to resemble what malware victims are used to seeing on their desktop or laptop computer.

“Smart phones have all the components you would expect of a traditional PC,” says Andy Chou, co-founder and chief scientist of Coverity, a software integrity firm. “They are capable and complex. They have operating systems and applications that run on top of them.”

Hackers traditionally have written most of their malware for Symbian and Windows Mobile devices because they are the oldest and most researched. But that all seems to be changing.

Full Article

Copyright © SC Magazine, US edition