Many mobile phone users assume that it is only their home
computer that is open to malware and other such nuisances. Think again. Smart
phones are effectively mini PCs these days, making them a mobile gold mine for
hackers and fraudsters looking for fresh ways to attain personal data to be
used for their benefit.
Norton's cybercrime centre reported that a security researcher has found a number of
popular mobile banking apps are among the vulnerable.
60 top banking apps from around the world were analysed on jail
broken devices, and an alarming 90%were shown to be at risk. This was due to unencrypted links, allowing
hackers to inject arbitrary codes displaying fake logins to trick the user.
Four out of ten apps tested did not validate the
authenticity of presented SSL certificates, opening up a gap to potential
attackers. The best way to avoid these threats is to be vigilant and keep your
device up to date with the latest anti-virus software. Here’s our guide to
three of the most common and downright nasty bugs that are spreading like flu
this winter
BaseBridge: Playing the Game
This malware targets users of popular gaming apps such as
Donkey Jump, Drag Racing and Jungle Monkey to name just a few. After the user
has installed the app, a fake upgrade message will pop up. If the user chooses
to download the upgrade, the malware will duplicate itself in another location
on the device; restarting the app will then trigger the pesky malware into
action.
Once activated, the bug will spread to other operating
systems within the phone and can use them to transfer details from SMS and
calls, which can incur fees to the device owner.
AndroidRat: There’s a RAT in my mobile, what am I gonna do?
Few of us like rats, and this one is no exception. RemoteAccess Trojans (RAT) are used by hackers to infect email boxes, and even
more worrying, capture images and sometimes videos of victims. This kind of
data can then be used for fraudulent purposes or even blackmail.
Due to the increase in popularity of Android device activations
to the OS, hackers can now utilise tools to take complete control of the victim’s
device.
The RAT finds its way onto a device when the user downloads
and launches an activity application, giving the Trojan full rein to sweep your
phone book, text messages and call logs. Those most at risk are users who do
not use Android Antivirus Software, but download cracked versions of downloaded
apps.
DroidKungFu: A lesson in self defence
This malware was uncovered by North Carolina State
University researchers who discovered it was affecting all Android OS versions
up to 2.2 Froyo. It enables hackers to steal sensitive information from victims
through a backdoor method and, in the worst case scenario, can turn the device
into a bot.
Once it has taken control, it can make the device perform
certain actions without the victim’s permission. Newer versions of Android OS
make the threat of DroidKungFu more limited, but it still has the ability to
snatch certain information from the infected device. Try to download only
trusted apps from reputable companies to avoid this particular nuisance.