SAN DIEGO, Calif. – October 11, 2011 – Today from Pepcom Mobile Focus at CTIA Enterprise & Applications, Symantec Corp. (Nasdaq: SYMC) announced the publication of new research titled, “Motivations of Recent Android Malware” (PDF). This whitepaper provides an in-depth analysis of the current monetization schemes behind the growing wave of mal¬ware targeting the Android mobile computing platform, and schemes likely to be seen in the future.
The paper’s key finding is that the majority of current efforts to monetize mobile malware have only a low revenue-per-infection ratio, thus limiting the return on investment achieved by attackers. However, this ratio is likely to increase in the future as smartphones gain traction as payment devices. Smartphone usage is growing exponentially, with new mobile device shipments increasing 55 percent in 2010.
The whitepaper offers detailed insight into the top current mobile malware monetization schemes observed by Symantec, including how each scheme works and examples of the malware presently being used to carry them out. These schemes are:
- Premium rate number billing scams
- Search engine poisoning
- Pay-per-click scams
- Pay-per-install schemes
- mTAN stealing
In addition, the whitepaper describes potential revenue generating schemes likely to be seen in the near future that are capable of increasing cybercriminals’ return on investment. These include stealing and subsequently selling sensitive financial information – such as banking credentials; selling stolen International Mobile Equipment Identity (IMEI) numbers for use on previously blocked or counterfeit phones; and peddling fake mobile security products, a tactic that has been highly successful in the PC realm.
The research also highlights the three factors needed for mobile malware to reach the levels of sophistication and breadth seen with threats targeting PCs. These factors are an open platform, a ubiquitous platform and sufficient attacker motivation
Noted is the rise in prominence of the Android platform, which has largely fulfilled the first two conditions, and we’re seeing the beginning of the third. The research suggests that attackers will no doubt continue to invest in the creation of Android malware as monetization schemes evolve.
“Mobile technology is advancing at a rapid pace and cybercriminals are keeping close tabs on these developments,” said Eric Chien, Technical Director, Symantec Security Technology and Response. “The marked increase in mobile malware – particularly that targeting the Android platform –is likely only the beginning in terms of both the quantity of threats and their sophistication.”
To address the potential of Android malware, Norton recently announced several offerings under its Norton Everywhere initiative that go beyond Internet security and give consumers the power to protect themselves and their families across multiple devices and platforms.
- Norton Mobile Security Lite is a free download from the Android Market which seamlessly combines select anti-theft features with powerful antimalware, giving users a sense of security in the event their phone is ever lost, stolen or compromised by malware.
- Norton Tablet Security is a new offering designed specifically for Android tablets to protect devices, privacy and important data against loss, theft, viruses and other threats. It includes web-based antitheft functions like Report Lost, Lock, Locate and Sneak Peek in addition to Antimalware and antiphishing protection.
Enterprises may also find themselves at risk due to mobile malware; this threat is compounded by the growing consumerization of IT trend and its accompanying management challenges. Symantec offers a full line of mobile security and management solutions to help organizations enable scalable, secure and integrated mobility.
- Symantec Mobile Management 7.1 is a scalable MDM platform that enables enterprise-wide mobile email and application rollouts, safeguards mobile data and devices and provides comprehensive visibility and control of the mobile environment.
- Symantec Endpoint Protection Mobile Edition 6.0 offers comprehensive protection against malicious threats with award-winning antivirus technology, an advanced firewall and SMS Antispam features.
- Symantec Encryption Solutions Symantec Encryption Solutions protect confidential information on hard disks, in e-mail communication and on mobile devices, and are centrally managed through a single console to automatically enforce security policies.
- Symantec Validation and Identity Protection (VIP) provides two-factor authentication to verify users’ identity when logging into online accounts. The VIP Access for Mobile credential can be downloaded onto more than 800 different mobile phone models and provides out-of-band authentication across more than 700 websites.
- White Paper: Motivations of Recent Android Malware (PDF)
- Blog Post: New Symantec Research: The Motivations of Recent Android Malware
- Podcast: Mobile Security & Management: A Holistic Approach
- Norton Tablet Security
- Norton Mobile Security Lite
- Symantec Mobile Management 7.1
- Symantec Endpoint Protection Mobile Edition 6.0
- Symantec Encryption Solutions
- Symantec Validation and Identity Protection (VIP)
- Norton Everywhere
- Expert Biography: Eric Chien
Connect with Symantec
About Security Technology and Response
The Security Technology and Response (STAR) organization, which includes Security Response, is a worldwide team of security engineers, threat analysts and researchers that provides the underlying functionality, content and support for all Symantec corporate and consumer security products. With Response centers located throughout the world, STAR monitors malicious code reports from more than 130 million systems across the Internet, receives data from 240,000 network sensors in more than 200 countries and tracks more than 25,000 vulnerabilities affecting more than 55,000 technologies from more than 8,000 vendors. The team uses this vast intelligence to develop and deliver the world’s most comprehensive security protection.
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.
Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
TECHNORATI TAGS: Symantec, cybercrime, malicious code, hackers, Internet security, mobile security, mobile malware, Android