Thursday 3 January 2013

3 Reasons Owning a Mobile Device will Suck in 2013

Best part of the new year? Predictions!

Will Rihanna leave Chris Brown? Will Katie Holmes date Bradley Cooper? Will we make contact with aliens? Here at SumRando, we are so FREAKING EXCITED for the coming year.

Sadly, the party poopers over at McAfee Labs thought we should hear about some real predictions. Ya know, the kind that are important. In their defense, they put together a pretty good list. Lots of malware, hacking and software issues. But the big takeaway?

Having a mobile device is going to suck this year.

These guys are pretty legit
From mobile worms to malicious apps and ransomware, we are all doomed. DOOMED.

Mobile worms on victims’ machines that buy malicious apps

In 2013, malware installs you!

Once criminals discover a profit-making technique that works, they’re likely to reuse and automate it. For example, Android/Marketpay.A is a Trojan horse program that buys apps from an app store without user permission. We’re likely to see crooks take this malware’s app-buying payload and add it to a mobile worm. Buying apps developed by malware authors puts money in their pockets. A mobile worm that uses exploits to propagate over numerous vulnerable phones is the perfect platform for malware that buys such apps; attackers will no longer need victims to install a piece of malware. If user interaction isn’t needed, there will be nothing to prevent a mobile worm from going on a shopping spree.

Malware that blocks security updates to mobile phones

Think you’re going to update away that app buying malware. How about nope?

One of the advantages that a mobile service provider (as opposed to Microsoft, for example) has in fighting malware is that once the cell company recognizes malware it can automatically push an update to customers to clean their devices. This works on phones that have not been rooted (or unlocked) by their owners. For mobile malware to stick around for a long time, it will have to prevent updates. Putting an app on a store that does nothing more than download external malware which locks the phone from communicating with the cell provider will achieve this.

Mobile phone ransomware “kits” that allow criminals without programming skills to extort payments

Gimme your money or I'll brick the phone!

Ransomware on Windows PCs has more than tripled during the past year. Attackers have proven that this “business model” works and are scaling up their attacks to increase profits. One way ransomware is different from other types of malware—such as backdoors, keyloggers, and password stealers—is that attackers do not rely on their victims using the infected systems for financial transactions to separate them from their money. Instead these criminals hijack the users ability to access data, communicate, or use the system at all. The victims are faced with either losing their data or paying a ransom in the hope of regaining access. One limitation for many malware authors seeking profit from mobile devices is that more users transact business on desktop PCs rather than on tablets or phones. But this trend may not last; the convenience of portable browsers will likely lead more people do their business on the go. Attackers have already developed ransomware for mobile devices. What if the ransom demand included threats to distribute recorded calls and pictures taken with the phone? [McAfee]

No comments:

Post a Comment