Over 60% of Android handsets at risk from malware: Trend Micro
Security firm warns UAE smartphone users of threats posed by cyber-villains
Mobile malware variants continue to rise alarmingly in number, and cyber criminals have even found innovative ways to legitimise the malicious code they peddle, Trend Micro warned today.
In its latest Annual Security Roundup report, the company highlighted that over 60% of Android smartphones are at risk because they running on Android 4.3 or earlier. In 2014 cumulative discoveries of Android malware variants doubled, from 2.09m in the first quarter to 4.26m in the fourth quarter, according to the report.
At a media roundtable in Dubai, Trend Micro showed the ease with which non-technical users could find, subscribe to and use Web-based spyware. In a demonstration seen by ITP.net, Hani Abdel Qader, senior sales engineer, Trend Micro, took control of an Android-based smartphone that had not been previously rooted.
Qader proceeded to access almost every aspect of the phone, recording phone conversations, accessing SMS messages, and showing Web-browsing and location history.
He was able to record, with remarkable clarity, ambient conversations taking place in proximity to the compromised handset and play them back moments later. While recording was taking place, no warning was given by the handset, not even a blinking light.
Qader also showed how the command-and-control software could alert the cyber-criminal if the compromised handset entered a geographic radius defined by them.
The command-and-control hub works by sending out emails and SMS messages that try to convince the recipient to click a link. If they do, this will initiate a download of malware that will sit undetected on the device unless ferreted out by sophisticated cyber forensics. Success at this stage is a function of how effective the attacker's social engineering is, but once the user clicks on the link, the entire phone is open.
Continues on next page>>
The software Qader used is one of several products available, some of which carry as little as a $60 one-off cost. Most can be found by a simple Google search, without the need to access hacker forums or the so-called Deep Web, where websites lurk unseen by commercial search engines. While some of these malware vendors have been shut down by global law enforcement agencies, such as the US Federal Bureau of Investigation, others have found ways to remain in business by disguising the services they offer.
"All you have to do [as a vendor of spyware] to make it look more legitimate is post warnings on the website and in the software... and most of these services are marketing themselves as parental control [tools]," Qader said.
"[Also], these websites will tell you that you need physical access to the phone, avoiding [mention of] remote [malware installation capabilities], to make it more legitimate."
Despite the increase in abundance of mobile malware threats, Trend Micro believes many end-users are still largely ignorant of the weakness of their handset's security. The company holds regular sessions on mobile hacking to create awareness of how easy it is to fall prey to malicious actors.