Tags:
Journalism of Courage
As the Mobile World Congress in Barcelona churns out phone after phone, taking Android to price points where a smartphone has never been before, comes the stark reminder that cyber criminals are also licking their lips at the sight of a larger target.
Incidentally, 2014 marks the tenth anniversary of SymbOS.Cabir, the first mobile malware. This worm targeted the then popular Symbian OS and made infected phones search for nearby Bluetooth devices and push the worm onto them. Mobile malware has only become more potent since.
“Threats such as Android.Hesperbot and Android.Perkel intercept SMS messages with 2FA codes and send them directly to attackers. They can also either steal other banking credentials or work with other computer-based threats to compromise victims’ accounts,” says a Symantec blog post by Threat Researcher Candid Wueest.
The blog says Android bootkits are being used to Windows computers and infect the computer’s startup code. This allows the malware to execute even before the operating system starts up.
Symantec says that with increased screening of applications making it more difficult for attackers to get their malicious apps onto the marketplace, they are looking to use desktop computers as a vehicle onto Android handsets, leading to the birth of hybrid threats.”To avoid this threat, users should be wary of connecting their mobile device to untrustworthy desktop computers and ensure that they have security software on both their desktop and mobile devices,” says the blog.
In the future, the hybrid threat could come from the Internet of Things with infected home automation systems, warns the blog.
