mardi 19 juillet 2011

Report: Mobile malware to affect more than 1 in 20 devices within 12 to 24 months

By Adrian Kingsley-Hughes July 12, 2011, 5:40am PDT
Summary
Within 12 to 24 months over 1 in 20 (5.6%) of all Android phones and iPads/iPhones could become infected with mobile malware if fraudsters start to integrate zero-day vulnerabilities into leading exploit kits, claims security firm Trusteer.
Topics
Mobile, Malware, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security,
Adrian Kingsley-Hughes
Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.
Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.
Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.
Vendor HotSpot
Here to help you with your Document Management Needs

Read the DocuMentor blog nowLearn More »
Within 12 to 24 months over 1 in 20 (5.6%) of all Android phones and iPads/iPhones could become infected with mobile malware if fraudsters start to integrate zero-day vulnerabilities into leading exploit kits, claims security firm Trusteer.
According to the company, Google’s Android platform is a ‘fraudster’s heaven’ because the “security architecture is not currently up to the challenge” given the “ease of generating powerful fraudulent applications and the ease of distributing these applications.” Also highlighted is the fact that there are no effective controls over the app submission process and that this allows malware into the Android Market.
Here’s the killer quote:
“Compared to Apple’s App Store, Android Market is the Wild West. You can’t always trust applications you download from it.”
Apple and the iOS doesn’t escape criticism either. While the company admits that Apple’s App Store is far more secure than Android market because of the strict controls placed on apps and the manual review process, jailbreaking represents a real threat, and vulnerabilities that allow for jailbreaking over the web could present a serious problem.
“JailbreakMe.com published an exploit which allows the automated jailbreaking of iOS devices from a specially created Web site. PDF files that exploit this vulnerability are reportedly publicly available. Even clicking a crafted PDF document or surfing to a website with the PDF documents are sufficient to infect the mobile device with malware.”
Trusteer also offers up a four-point recommendation for secure mobile banking which I think are worth repeating here:
Check rating, user reviews, and comments for each mobile application you download. Avoid low rated, new applications, and bad reviews.
Carefully review the permission requested by Android applications when you install them. Applications that ask for access to text messages and other sensitive information should raise a red flag and further researched before you download it
Have your PC protected with an online banking security software such as Trusteer Rapport, which you can download from your bank’s website. This software can break MitMo attacks by not allowing fraudsters control of the web channel.
Regularly install updates for your mobile device
Is this crying wolf, or is there a serious threat out there? Whatever you do, take care out there!
Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

http://www.zdnet.com/blog/hardware/report-mobile-malware-to-affect-more-than-1-in-20-devices-within-12-to-24-months/13631?alertspromo=&tag=nl.rSINGLE

Aucun commentaire:

Enregistrer un commentaire