The Mobile Malware Problem



Similar documents
The Mobile Security Challenge: Opportunities & Issues Matthew Young, Security Programs Manager

Attacks from the Inside

Cybercrime & solutions for Home users and Small Businesses

Protecting against Mobile Attacks

Attacks against Smartphones

BYOD: Should Convenience Trump Security? Francis Tam, Partner Kevin Villanueva, Senior Manager

Agenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2

G DATA MOBILE MALWARE REPORT

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

Secure Your Mobile Workplace

Enterprise Mobile Security Survey

BLACKJACKING: SECURITY THREATS TO BLACKBERRY DEVICES, PDAS, AND CELL PHONES IN THE ENTERPRISE

Mobile Security Framework; Advances in Mobile Governance in Korea. TaeKyung Kim

F-Secure Labs. Protection around the clock. Mobile Threat Report Q4 2012

Emerging Trends in Malware - Antivirus and Beyond

Lecture Embedded System Security A. R. Darmstadt, Introduction Mobile Security

Practical Attacks against Mobile Device Management (MDM) Michael Shaulov, CEO Daniel Brodie, Security Researcher Lacoon Mobile Security

Sophos Mobile Security Threat Report. Launched at Mobile World Congress, By Vanja Svajcer, Principal Researcher, SophosLabs

Deploy secure, corporate access for mobile device users with the Junos Pulse Mobile Security Suite

Defending Behind The Device Mobile Application Risks

Smartphone Hacks and Attacks: A Demonstration of Current Threats to Mobile Devices

Tutorial on Smartphone Security

Design and Development of Mobile Antivirus Application

... Lecture 11. Market Overview of Mobile Operating Systems and Security Aspects. Mobile Business I (WS 2014/15) Prof. Dr.

The Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them

Guideline on Safe BYOD Management

F-Secure Labs. Protection around the clock. Mobile Threat Report Q3 2012

SECURING TODAY S MOBILE WORKFORCE

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more

Securing mobile devices in the business environment

Current counter-measures and responses by CERTs

OS Security. Malware (Part 2) & Intrusion Detection and Prevention. Radboud University Nijmegen, The Netherlands. Winter 2015/2016

IJREAT International Journal of Research in Engineering & Advanced Technology, Volume 1, Issue 1, March, 2013 ISSN:

It s 2 o clock: Who Has Your Data? Josh Krueger Chief Technology Officer Integrity Technology Solutions

Control Issues and Mobile Devices

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

McAfee Enterprise Mobility

ASEC REPORT VOL AhnLab Monthly Security Report. Malicious Code Trend Security Trend Web Security Trend

How To Protect Your Network From Threats From Your Network (For A Mobile) And From Your Customers (For An Enterprise)

NQ Mobile Inc. (NYSE: NQ) Investor Presentation. March 2013

Kaspersky Security 10 for Mobile Implementation Guide

Running head: MOBILE PHONE SECURITY. Mobile Phone Security. Benny C. Rayner. East Carolina University

Win the Internet Security War. Keep Internet Criminals Out of Your Network and Protect Your Business

Prac%cal A)acks against Mobile Device Management (MDM) Daniel Brodie Senior Security Researcher Lacoon Mobile Security

BUGAT TROJAN JOINS THE MOBILE REVOLUTION

Enterprise Mobility Report 08/2015. Creation date: Vlastimil Turzík

Smartphone Security Winners & Losers

WHITE PAPER. Understanding How File Size Affects Malware Detection

Using big data analytics to identify malicious content: a case study on spam s

CHECK POINT Mobile Security Revolutionized. [Restricted] ONLY for designated groups and individuals

Web 2.0 and Data Protection. Paul Tsang Security Consultant McAfee

Emerging Security Technological Threats

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Mobile Security Apps. Hendrik Pilz Director Technical Lab / Mobile Security hpilz@av-test.de

Mobile Device Security and Privacy. Discussion - Planning Considerations for a Successful Mobile Device Program

Perception and knowledge of IT threats: the consumer s point of view

Global IT Security Risks: 2012

Introduction (Contd )

Study Group on Information Security Issues of Smartphone and Cloud Computing Final Report - Measures to be Taken for the Safe Use of Smartphones -

S3 Control and System Call Indirection

MOBILE MALWARE REPORT

Status of cell phone malware in 2007 Mikko Hypponen Chief Research Officer F-Secure Corporation

Information Security Threat Trends

Information Security Updates Mobile Security Best Practices for General User

Security A to Z the most important terms

Advanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer

Automated Protection on UCS with Trend Micro Deep Security

Cloud Services Prevent Zero-day and Targeted Attacks

Computer Software Bugs and Other IT Threats to Critical Infrastructure: A Preliminary Set of Considerations for IT Governance

Security Threats for Mobile Platforms

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Protection for Mac and Linux computers: genuine need or nice to have?

WHITE PAPER > THE RISKS & REWARDS OF MOBILE BANKING APPS. The Risks & Rewards of Mobile Banking Apps

Report on Consumer Behaviors and Perceptions of Mobile Security. Presented by NQ Mobile & NCSA January 25, 2012

Billion Dollar Botnets:

How are we keeping Hackers away from our UCD networks and computer systems?

The Leading Provider of Endpoint Security Solutions

2016 Digital Safety Class UNDERSTAND YOUR RISKS AND STAY TOTALLY SECURE JESSE ROBERTSON, TECH 4 LIFE

Network Security and the Small Business

SECTOR 2015 Malware Activity in Mobile Networks Kevin McNamee (Alcatel-Lucent)

Deep Security Vulnerability Protection Summary

Information Security. CS526 Topic 1

Kaspersky Security for Mobile

Mobile Security: Controlling Growing Threats with Mobile Device Management

New possibilities in latest OfficeScan and OfficeScan plug-in architecture

Dr. David Turahi Director for IT&IMS - MOICT Uganda

INTERNET SECURITY THREAT REPORT

Device Proliferation in the Enterprise = Security Imperative

Mobile Workforce. Connect, Protect, and Manage Mobile Devices and Users with Junos Pulse and the Junos Pulse Mobile Security Suite.

EC Council Certified Ethical Hacker V8

Running Head: AWARENESS OF BYOD SECURITY CONCERNS 1. Awareness of BYOD Security Concerns. Benjamin Tillett-Wakeley. East Carolina University

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Security Best Practices for Mobile Devices

Securing your Mobile Environment. Mark Villinski Kaspersky Lab Jeremy Clough Gorham Savings Bank

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

CEH Version8 Course Outline

A Review of Different Comparative Studies on Mobile Operating System

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Transcription:

The Mobile Malware Problem Eddy Willems Security Evangelist G Data Security Labs Director Security Industry Relationships - EICAR eddy.willems@gdata.de

Introduction Security Evangelist at G Data: Privately owned - Established 1985 in Germany (Bochum) First Atari AV software Security solutions for end users and companies Personally Involved in the industry since 1989 Worked as Senior Consultant/Anti-Virus Expert for several CERT-organisations and commercial enterprises like Kaspersky Lab, Westcon(Noxs), etc Co-founder of EICAR Press officeratamtso

Some History: The olddays!

Some years ago Virus Spam Worm Trojan

Current threats...

The Number Game About 70.000 new threats per day => +70.000.000 Threats/Malware Under the Radar = Money is involved

Today s Networks Lack Boundaries Internal/External network Individual Users connect from multiple locations Managed/Unmanaged devices Individual devices operate both inside the network, and on public networks New Devices on the Network eg. Netbooks, Mobile devices, etc Internet Question: Who has an Android phone? iphone? Symbian? BlackBerry? Other? Network Telecommuters Contractors Mobile Users Wireless Users

Mobile threats... Going back to the roots The first incidents: Liberty Horse Trojan Sept 2000 Telefonica SMS Mailer Dec 2000 911 DoS SMS Mailer in Japan April 2001 Flooder sending not wanted SMS Aug 2001 Phage destroys files on Palm Sept 2001 Vapor Trojan Horse hides applications Oct 2001 GPRS hack into 2.5G US network devices Nov 2002 Nokia 6210 V-card Exploit Feb 25, 2003 Siemens %String Exploit March 2, 2003 AT&T SMS Trojan May 5, 2003 First Symbian based Trojan Sept 2003

Cabir Phone worm (2003) Only works on Series 60 mobile devices, Eg. Nokia 3650, 6600, N-Gage. Siemens, Samsung, Sendo en Panasonic UsesBluetooth too spread each 15-20 seconds You must accept the transmission You must accept the installation Long term: battery drain

Some known malware (2006) Total: 27 families (f), 170 modificaties(m) Symbian: Flexispy, Comwarrior, Windows Mobile: Brador and Duts Java 2 Micro Edition: RedBrowser => Not many mobile malware

Spyware the other wave eg. Flexispy

Huike 3D anti-terrorist Story

70% 60% Global Market Share of Mobile OS percentage for smartphones - 2007 to 2012 (e = expected) 50% 40% 30% 20% Symbian iphone Blackberry Win Mobile Android 10% 0% 2007 2008 2009 2010 2011e 2012e Source: Gartner

Fakeplayer Beginning of 2010 SMS Trojan Pornplayer SMS are send 3x (mostly) 8+ variants Different names/icon Different premium numbers http://skamv.wordpress.com/2010/11/02/kiss/

Geimini Attackin China Android trojan Infected hundreds of thousands of chinese Android smartphones Sended mobile data to servers Remote controlled as a botnet for calls and text messages

DroidDream Steals information Drops more malware Download code from the internet Misuses 2 vulnerabilities in the Android OS ( patched already) Download updates Apps released under the names Kingmall2010, we20090202 and Myournet with DroidDreamattached > Removed from the official Android Market, More than 50 Apps affected

DroidDream Google s removal tool Which is the real tool?

ZITMO Zeus In The Mobile Steals mtans Target = Spanish (online) banks Replication via PC by Zeus botnet

The Update Problem

Mobile Malware Situation... End of the year... > 800% increase = Android Malware

The Real Problem with Android The higher the marketsharethe more interesting it becomes for the cybercriminal > money How easier the distribution of the malware the more interesting it becomes for the cybercriminal > via several channels, not only via official online Apps Markets/Shops Uncontrolled=better/attractive. Android=Windows? The Permission problem Use of exploits are easy because updates of Android are not always easy to install More possibilities in the future: more entrance/backdoor possibilities to spread other malware into businesses and corporates

THE FUTURE Exponential rise of Malicious Apps => Mobile Malware Mobile malware targetting Social Media / Mobile Payments(NFC) / Banking Targetted attacks via Mobile Malware Under the radar of the public...

Another Secure Solution :-) Thank you! Questions? Twitter: @EddyWillems

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information