Report: More mobile malware expected in 2012

Lookout Mobile Security

A smartphone security company has predicted that in 2012, there will be more malware masquerading as legit apps, apps that will fleece consumer pockets and malvertising — real-looking ads that lead trusting souls to fraudulent sites.

Lookout Mobile Security, which monitors apps on Android, Blackberry, iOS and Windows Mobile devices, released its “Malwarenomics: 2012 Mobile Malware Predictions” report Tuesday night, which follows up on information gathered this year that revealed more than 1,000 instances of infected applications, doubling in frequency since July. 

The report also found that for U.S. Android users, the likelihood of clicking on an unsafe link is 40 percent.

Not that it’s surprising, but money seems the most significant motivation behind the most egregious mobile malware Lookout studied:

When mobile malware producers are able to steadily increase profits from infections more than they pay to infect devices, the industry will grow rapidly. There are a number of trends seen in 2011 that we expect to carry over into 2012 (perhaps at a greater rate) that will drive down the cost of infection and drive up profitability. 

The company identified some specific instances where consumers “should use extra caution when downloading apps or clicking links” on phones: 

• Visiting third party app stores. Lookout found that malware writers often test malware in alternative app markets before trying to place it in the Android Market or App Store. When discovered, malware is usually pulled more quickly from these primary distributors than it is from alternative markets. The likelihood of you encountering malware on an alternative app store increases dramatically.
• Downloading gaming, utility and porn applications. Be careful to check reviews on these apps before you download. We found that these types of apps are most likely to have malware hidden inside of them.
• Clicking on a shortened URL (e.g. bitly link) in an SMS message or on a social networking site. Users are three times more likely to click on a phishing link on their mobile device than they are on their PC (Trusteer 2011). Because we expect malware writers to increase web­‐based distribution, it’s time to start using extra caution when clicking on links on our mobile phones.
• An app asks you to click “OK”. Don’t “auto pilot” through the prompts an app shows you in order to perform a certain function or deliver a service. Sometimes these apps are greyware, which hide in fine print that they will charge you via premium rate text messages.

• Clicking on in‐app advertisements. Not all advertisements are bad. In fact, most are okay. But some are examples of malvertising and could direct you to a malicious website, prompt you to download malware, or violate your privacy. When clicking on ads, you need to make sure that the ad directs to where you expect to be directed. 

In short: resolve to make the new year a safe one when it comes to your phone.

More stories:

• Android app detects Carrier IQ
• McAfee: Malware loves Android
• Report: Dangerous links will affect 3 of 10 smartphone users

Check out Technolog on Facebook, and on Twitter, follow Athima Chansanchai, who is also trying to keep her head above water in the Google+ stream.

Article source: http://technolog.msnbc.msn.com/_news/2011/12/14/9429743-report-more-mobile-malware-expected-in-2012

View full post on National Cyber Security » Virus/Malware/Worms