Is mobile malware really a risk?
Following on from the Samsung Wave and HTC Magic shipping with a malware-infected microSD card, we investigate into how much of a threat mobile malware is.
Mobile malware has seen a lot of coverage recently, as both the Samsung Wave and HTC Magic have mistakenly been shipped with microSD cards loaded with malware. But does this really pose a risk to smartphone users?
The Vodafone-branded HTC Magic was infected with the Mariposa botnet client, although Panda software also discovered the Conficker worm and Lineage password-stealing malware on the device. It's thought that up to 3,000 of HTC's Android devices were infected in Spain.
Samsung's Wave device was shipped in Germany with the slmsrv.exe worm installed on its microSD card. When the device is plugged into a computer, it will copy the aUtoRuN.iNF and slmsrv.exe files to the connected device to spread.
Malware loaded onto microSD cards provides just the same risk as malware loaded onto CDs, DVDs and now USB thumb-drives it's merely transport for the malicious software to move from device to PC and infect the computer.
Historically, Symbian, Java and Windows Mobile were the most targeted mobile platforms, partly because of their openness and partly because they've been around for a while.
However as Symbian's market share has waned, it's not the target it once was.
Platforms like the iPhone are also better protected as apps are signed and Apple applies this control, meaning they are less likely to be targeted.
Android platforms will probably not be as tight on security as users are allowed to install whatever they like, and Google monitors the market much less stringently.
That said, all mobile platforms are at risk, according to Con Mallon, Symantec's consumer director of regional product marketing, in Europe, the Middle East and Africa (EMEA).
"Any operating system and application is likely to have some sort of vulnerability, given the complexity of software these days," he said.
"There are differences in the context within which mobile OS and applications currently exist. The world of the PC platform, where we can see, day in day out the creation and vast distribution of malware is one that is primarily homogeneous i.e. Windows dominates."