Smartphone virus attacks will cost operators dearly

8 Feb 2011

A leading security expert has warned that ‘compound threats’ in the form of virus attacks from fraudsters on smartphone devices could leave users and telcos more out of pocket than previously believed.

Dublin-based AdaptiveMobile, a world leader in mobile security, said the smartphone market – which is due to reach 37pc of the European market and 44pc of the US market by 2012 – is potentially more vulnerable to the financial ramifications of a virus attack than PCs were in the past.

Gareth McLachlan, COO of AdaptiveMobile, told that unlike your laptop, the average user’s mobile phone is directly connected to a user’s wallet. “What we’ve seen in the last 12 months is global gangs beginning to use mobile phones for financial gain.

“What we are witnessing is the emergence of the ‘compound threat’, where attackers are evolving from single attacks trying to generate a binary SMS to cause a phone to crash, to a virus that copies itself by SMS. In the last 12 months, gangs have been putting out malware that attacks networks and affects multiple subscribers, including banks.”

Mobile virus attacks more insidious than PC virus attacks

McLachlan explained that these compound threats tend to be socially engineered attacks. “One operator last year fell victim to a four-day fake voice mail missed-call alert attack. Thousands of SMS messages went out looking like a standard message, except when the caller hit ‘reply’ and heard a dial tone. Not until the bill arrived home did they realise they were in fact calling a premium-rate satellite phone at US$4 per minute.

“Consumers who were hit by the attack refused to pay the operator. To give you an idea of the impact of the attack, the mobile operator lost US$1m in revenue from that one attack.

“Compare that to an email scam, which typically nets US$25,000 for the scammer. The potential for gain is much greater by attacking a mobile network operator because for one thing there are far more mobile phone users than PC users. Think about it. There are 5bn mobile users in the world, of which 4bn use SMS. This compares with the 2bn email users in the world.

“Just like with a bank, if these attacks become more prevalent customers will lose trust.”

McLachlan says criminal gangs’ motivation in attacking mobile phone users is different to that of those who attack PC users. “Most PC virus writers are looking for the kudos of having made an attack that affected thousands, if not millions, of computers.

“Mobile virus attacks, however, are designed to generate revenue so the writers want them to fly under the radar for as long as possible.”

According to AdaptiveMobile there are four types of virus attacks on mobile devices that network operators and consumers need to be aware of going into 2011:

Advanced mobile malware: One of the most dangerous types of compound threats to emerge to date, the first occurrence of which was identified in October last year. Monitoring users’ access to banking sites, it harvests log-in details through a combination of routes. It is an evolution of existing PC spyware that has been redesigned specifically to record or forward conversations on smartphones.

Converged messaging spam: These are 411-type spam attacks that are on the rise globally, where users receive an SMS prompting a reply in response. In the most co-ordinated of such attacks, users also received a matching email from fraudsters further validating the scam.

IP reputation: A growing type of compound threat that is becoming increasingly problematic for operators – devices sending email spam over mobile networks. This results in mobile devices becoming infected with PC malware and severely impacts the IP reputation of the operator’s network.

Credit attacks: Threats that seek to trick or stealthily make the subscriber dial a premium-rate number. The compound nature is apparent in the parallel use of malware, SMS and voice calls to monetise the attacks.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years