Is mobile malware really a risk?

Following on from the Samsung Wave and HTC Magic shipping with a malware-infected microSD card, we investigate into how much of a threat mobile malware is.

Mobile malware has seen a lot of coverage recently, as both the Samsung Wave and HTC Magic have mistakenly been shipped with microSD cards loaded with malware. But does this really pose a risk to smartphone users?

The Vodafone-branded HTC Magic was infected with the Mariposa botnet client, although Panda software also discovered the Conficker worm and Lineage password-stealing malware on the device. It's thought that up to 3,000 of HTC's Android devices were infected in Spain.

Samsung's Wave device was shipped in Germany with the slmsrv.exe worm installed on its microSD card. When the device is plugged into a computer, it will copy the aUtoRuN.iNF and slmsrv.exe files to the connected device to spread.

Malware loaded onto microSD cards provides just the same risk as malware loaded onto CDs, DVDs and now USB thumb-drives it's merely transport for the malicious software to move from device to PC and infect the computer.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Historically, Symbian, Java and Windows Mobile were the most targeted mobile platforms, partly because of their openness and partly because they've been around for a while.

However as Symbian's market share has waned, it's not the target it once was.

Platforms like the iPhone are also better protected as apps are signed and Apple applies this control, meaning they are less likely to be targeted.

Android platforms will probably not be as tight on security as users are allowed to install whatever they like, and Google monitors the market much less stringently.

That said, all mobile platforms are at risk, according to Con Mallon, Symantec's consumer director of regional product marketing, in Europe, the Middle East and Africa (EMEA).

"Any operating system and application is likely to have some sort of vulnerability, given the complexity of software these days," he said.

Advertisement - Article continues below

"There are differences in the context within which mobile OS and applications currently exist. The world of the PC platform, where we can see, day in day out the creation and vast distribution of malware is one that is primarily homogeneous i.e. Windows dominates."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now
Advertisement

Most Popular

Visit/policy-legislation/data-governance/354496/brexit-security-talks-under-threat-after-uk-accused-of
data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Visit/security/cyber-security/354468/if-not-passwords-then-what
cyber security

If not passwords then what?

8 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Visit/policy-legislation/31772/gdpr-and-brexit-how-will-one-affect-the-other
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020