Mobile Malware: Threats and Prevention (part 1)
Carrying a “smart” mobile phone is almost like having a powerful computer in your pocket. An increasing number of phones sold today—especially in Europe—include not only a camera but also extensive online access, keyboards, and other typical
computer functions.However, with power and convenience comes a cost. Just as our desktop and laptop computers face security threats, so do these smart phones. The unfortunate irony of this evolution is that the greater the functionality gains, the
more vulnerable smart phones become to the same types of threats that plague our laptops and desktops.
The most common operating systems used by smart phones and personal digital assistants (PDAs) are Microsoft Windows CE and the Symbian OS. Windows Mobile 2003 and Windows Mobile 6 are based on the Windows CE, which has an open-source
kernel strategy. The operating system S60 is based on Symbian OS, a closed-source operating system that is developed and maintained by Nokia. (Many other products use S60, including phones from Samsung, Panasonic, Motorola, and Lenovo.) Because of Microsoft’s open-source policy with Windows CE, more smart phone device manufacturers have begun to adopt it. At the same time, the open-source code is attracting more and more malware writers, so the growing security problems of
smart phones are becoming a real concern to users.
Based on detection data from McAfee Avert labs
we’ve seen rapid growth in mobile malware, and we foresee a continuation of this trend for the rest of the year.What are the primary reasons for increased threats? The price of smart phones continues to drop, and more vendors are involved in
smart phone production.Windows CE’s open-source kernel policy allows virus writers to gain a deep under-
standing of the operating system.Smart phone users tend to input a great deal of private data into their devices; this
appeals to virus writers because of the potential financial gains from identity theft or misappropriation of credit card information.
As smart phone hardware capabilities increase, the operating system functionality also increases, which means malware authors always have new opportunities for exploitation.Developing software under Windows Mobile and Win32 is very similar, so it’s easy
for authors of Win32 malware to transition to mobile malware.
Next featured article
Which Features Are Most at Risk?