Перейти к содержанию

Recommended Posts

Virus takes flight with bite

If we date the emergence of the smartphone back to 2000, with the launch of the Ericsson R380 and the Nokia 9210, it took over three years for the first examples of mobile malware to arrive.

We will look at how mobile phones have increasingly become the target of malware authors.

In June 2004, security researchers were sent copies of the first mobile virus, Cabir, a worm that infected the Symbian 60 OS.

Written by members of an international group of virus writers, 29A, it was a proof-of-concept virus written in C++ using Symbian and Nokia’s own SDK.

Ingeniously, it used an attack vector common to nearly all Symbian smartphones, Bluetooth, appearing as a .SIS file installed in the phone’s apps directory.

The virus itself was harmless, doing little more than displaying the message ‘Caribe’ on the phone’s display every time it was turned on. It was not even released into the wild.

Unfortunately, it was not long before less scrupulous hackers found Cabir, and began to engineer their own variations.

By mid-2005 Cabir was the foundation for whole families of Symbian viruses, including Pbstealer, a Trojan that searched the phone’s address book, then transmitted data obtained via Bluetooth to the first device in range.

Cabir might have been the first mobile virus, but it was not alone for long.

In August 2004 a Trojan was found in illicit versions of the Symbian mobile game, Mosquito.

Each time the game was played, the Trojan would send a premium SMS message to a certain number, making it the first mobile virus to take money from its victims.

By autumn 2004, Cabir and Mosquito had been joined by Skuller, another Symbian Trojan.

Skuller exploited a vulnerability in Symbian, replacing system icons with skull and crossbones alternatives, then delete application files.

It was a simple vandal Trojan, distributed through Web sites and forums as a theme file offering new icons and new wallpapers.

However, it was surprisingly successful, particularly when enhanced with the incorporation of code from Cabir to spread through Bluetooth.

Cabir, Mosquito and Skuller began a stream of viruses attacking the Symbian OS, replacing system apps, installing corrupt or malignant apps, or infecting user files.

The viruses spread via malignant apps, Bluetooth and MMS multimedia messages.

The latter vector allowed the malware to spread rapidly by replicating itself and sending copies to other phones listed in the owner’s address book, as in the case of the CommWarrior virus.

This phase also saw the first examples of the cross-platform virus, with SymbOS Cardtrap not just deleting files and replacing system apps on the phone, but installing Windows malware on memory cards. Connect your phone, and you infected your PC.

New decade, new platforms, new threats

By early 2006, mobile malware was spreading to other platforms.

Viruses for Windows CE and Windows Mobile became more prevalent, with MMS vulnerabilities in Windows Mobile 2003 making it a particularly attractive option.

While the popularity of Nokia phones made Symbian the lead platform for virus writers until 2010, canny hackers had noticed an even more exciting opportunity: the Java platform for embedded systems, J2ME.

J2ME viruses had an advantage in that they did not just attack Symbian smartphones, but every mobile platform that supported the Java implementation.

The first J2ME virus, RedBrowser.A, used vulnerabilities in Java and SMS to send premium-rate SMS messages to a fraudulent contact, setting the dominant pattern for J2ME malware.

Between 2009 and 2010 there was an explosion in mobile malware, with numbers doubling, and as the fastest-growing platform, a large percentage of viruses focused on SMS fraud.

By 2009, the attacks were also growing increasingly sophisticated, with examples such as the Chinese SexySpace Symbian S60 virus kicking off by sending SMS messages with links to every phone number in the address book, prompting them to download pornographic content.

This is a trend that we have seen continue onto the Android platform.

Rise of Android malware

Launched in 2008, Google’s Android operating system did not boast a big enough user-base to attract virus-writers in its first two years. But, by 2010, its potential as a platform for malware was clear.

Android simply was not as secure as Apple’s iOS operating system. Google’s open model made it possible for a range of app stores, some illicit, to operate, and made it easy for malware to use social engineering methods to propagate.

It was even possible to smuggle malware onto Google’s own Android Marketplace store; difficult in Apple’s more carefully controlled ecosystem.

The first Android Trojan, AndroidOS.DroidSMS.A, was a classic SMS fraud app, emerging in August 2010.

In the same month, another Trojan was discovered in the game TapSnake, with this one transmitting the GPS location of infected phones.

Meanwhile, the notorious FakePlayer app was allowed to spread under the guide of a Movie Player app. It was not the most effective video player, but it did a marvelous job of sending SMS messages to premium numbers.

By the end of 2011, Android had overtaken Symbian and J2ME to become the lead platform for mobile malware.

While iPhone users had not been entirely protected, the most serious threats only affected Jailbroken iPhones.

Android threats, however, were only becoming smarter.

Backdoor malware was allowing hackers to take control of infected devices, while Android spyware was stealing user-date and information that would make devices even more vulnerable.

The NickSpy Trojan even went so far as to record the owner’s phone conversations and upload them to a remote server, while variants added text messages, call data, GPS coordinates and photos to the package.

The year 2011 also saw the first mobile Man in the Middle attacks hit the Android, BlackBerry and Windows Mobile platforms.

Working in conjunction with the successful Zeus PC Trojan, ZitMo (Zeus-in-the Mobile) worked to gather information, such as mobile authorization codes, from smartphones that could then be used with data gathered from the user’s PC to access bank accounts.

WHILE GOOGLE has done much to beef-up Android security, Android’s huge market-share – 70 percent of smartphone sales in fourth-quarter 2012, according to Gartner – guarantees that it will be the leading malware platform for the foreseeable future, particularly as its share of the tablet market develops to match.

The question is, what threats are coming, and what will the world’s security experts do to repel them?

Full article

Поделиться сообщением

Ссылка на сообщение
Поделиться на другие сайты

  • Сообщения

    • Ramonsmaps
      Over the years of independence, the institute has trained more than 13000 physicians (including 800 clinical interns, 1116 masters, 200 postgraduates and 20 doctoral students) in various directions.

      870 staff work at the institute at present,[when?] including 525 professorial-teaching staff in 55 departments, 34 of them are Doctors of science and 132 candidates of science. 4 staff members of the professorial-teaching staff of the institute are Honoured Workers of Science of the Republic of Uzbekistan, 3 – are members of New-York and 2 – members of Russian Academy of Pedagogical Science.

      The institute has been training medical staff on the following faculties and directions: Therapeutic, Pediatric, Dentistry, Professional Education, Preventive Medicine, Pharmacy, High Nursing Affair and Physicians’ Advanced Training. At present[when?] 3110 students have been studying at the institute (1331 at the Therapeutic faculty, 1009 at the Pediatric, 358 at the Dentistry, 175 students at the Professional Education Direction, 49 at the faculty of Pharmacy, 71 at the Direction of Preventive Medicine, 117 ones study at the Direction of High Nursing Affair).

      Today graduates of the institute are trained in the following directions of master's degree: obstetrics and gynecology, therapy (with its directions), otorhinolaryngology, cardiology, ophthalmology, infectious diseases (with its directions), dermatovenereology, neurology, general oncology, morphology, surgery (with its directions), instrumental and functional diagnostic methods (with its directions), neurosurgery, public health and public health services (with its directions), urology, narcology, traumatology and orthopedics, forensic medical examination, pediatrics (with its directions), pediatric surgery, pediatric anesthesiology and intensive care, children's cardiology and rheumatology, pediatric neurology, neonatology, sports medicine.

      The clinic of the institute numbers 700 seats and equipped with modern diagnostic and treating instrumentations: MRT, MSCT, Scanning USI, Laparoscopic Center and others.

      There are all opportunities to carry out sophisticated educational process and research work at the institute.

      medical institutes of uzbekistan

      medical institutes of uzbekistan
      regional scientific medical library
      electronic library of a medical student
      electronic medical library official website
    • Dmitrius
      Сервис подбора и сравнение кредитов Случается так, что деньги нужны срочно. Поэтому если у вас нет накоплений, рациональней всего обратиться за помощью на этот сайт, где собраны надежные, проверенные банки, которым точно можно доверять. Учреждения подготовили лучшие предложения, которые только возможны. На этом сайте есть возможность подобрать кредит, а также оформить займ либо взять деньги на приобретение автомобиля. И самое главное, что все это на наиболее выгодных для вас условиях. Автокредит Казахстан проценты - это шанс купить все, что нужно, не отказывая себе в покупке. Все банковские продукты различаются требованиями, условиями выдачи, а потому рекомендуется детально изучить условия договора и особенности выдачи денежных средств. Потребительский кредит оформить (рассчитать) в Алматы получится в данный момент. На этом сайте вы сможете не только подобрать подходящий вариант, но и сравнить имеющиеся. Затем следует определиться с тем, в какой банк обратиться за материальной поддержкой. Составить заявку на выдачу средств можно в режиме реального времени. Кредит наличными заявка онлайн выдается в течение часа наиболее комфортным для вас способом. На портале опубликован список всех доступных предложений, имеется необходимая информация о каждом банке и кредитах. Выберете самую низкую процентную ставку, а также сумму и сроки, на которые планируете занять сумму. Все максимально просто, быстро и понятно. Ипотека проценты Казахстан (ипотека Казахстан) - это отличная возможность решить свои жилищные проблемы. Важно помнить о том, что лишь надежные компании с огромным опытом готовы предложить приемлемые условия. Выберете подходящий для себя банковский продукт, чтобы поправить материальное положение.
    • Dmitrius
      Интернет магазин автозапчастей  Интернет-магазин «AUTOSHOP» реализует внушительный выбор деталей на автомобили - их можно подобрать не только по наименованию, но и артикулу и другим параметрам. Имеются разные запчасти на любые автомобили самых разных марок и моделей - вы сможете их найти в один клик. Запчасти находятся на складе - это дает возможность осуществить быструю транспортировку. Сотрудничество исключительно с надежными, проверенными поставщиками, которые работают на совесть и предлагают продукцию безупречного качества и с длительными эксплуатационными сроками. Автозапчасти интернет магазин для иномарок рекомендует ознакомиться с полным ассортиментом – он даст возможность подобрать вариант с учетом обозначенных требований. Перед тем, как осуществить приобретение, необходимо детально изучить технические аспекты, ведь именно они влияют на сроки эксплуатации и внешний вид авто. Но если вам требуется помощь специалиста, то вы всегда можете воспользоваться профессиональной консультацией. Автозапчасти для иномарок Курск вы обязательно подберете для любой машины, несмотря на год производства. Изучите справочник автотоваров, каталог, а также новости, представленные на данную тематику - информация поможет принять правильное решение. Сотрудники интернет-магазина быстро реагируют на появление новых деталей в европейских магазинах для того, чтобы в ближайшее время пополнить ими свой ассортимент. Это даст возможность быстро среагировать за изменяющуюся ситуацию. Каталог автозапчастей Курск содержит огромный перечень деталей. Они созданы в соответствии с самыми высокими стандартами, нормами, требованиями. Администрация проверяет запчасти на соответствие заданным характеристикам, поэтому в продажу попадает только та продукция, которая имеет сопроводительную документацию, сертификаты. На продукцию есть гарантии, подтверждающие безупречное качество, оригинальность.
    • JamesBisee
      Купить газовый котел с закрытой камерой сгорания в Москве
    • PR55.RP55
      По всей видимости uVS не всегда может получить доступ к: Hosts Нужно чтобы в Лог писалась информация: "Нет доступа  к Hosts " Вроде сейчас uVS  соответствующих записей не создаёт?