Computer Crime Research Center


Cybercrime goes mobile

Date: March 16, 2011

Exponential growth in mobile devices and downloadable applications has led to a new 'tipping point' in vulnerability.

The worldwide adoption of mobile devices, smartphones in particular, is opening even more opportunities for intrusions and thefts, with cybercriminals shifting their focus toward mobile users and away from the traditional PC environment.

The massive and relatively new market for mobile applications, especially for free downloading, also offers new outlets for criminals.

The International Telecommunications Union (ITU) has forecast that global mobile subscriptions will exceed 5 billion by the end of this year, 3.8 billion of which would be in developing countries. This shift in focus toward mobile users also represents a new "tipping point" in vulnerabilities.

According to an annual security report by Cisco Co, cybercriminals, looking for new opportunities outside of the PC environment, are investing more resources in developing ways to specifically target users of mobile devices.

The emergence of the SymbOS/Zitmo.Altr Trojan in 2009 was evidence of the trend. It was the first appearance of mobile malware in the form of a Trojan horse, a program in which malicious or harmful code is used to steal banking information by keystroke logging.

"Previously, cyber criminals sought opportunities to hack and destroy information from users through Windows PC, " said Patrick Peterson, a senior security researcher and Cisco Fellow.

"But they are resorting to the mobile Windows operating system now that is in much better shape."

He said cybercriminals themselves were still very much in the "research and development" phase when it came to refining ways to snare victims using mobile devices. There have been a number of phishing scams, mostly regional in focus, targeting individuals or selected groups, such as customers of local banks or credit unions in the last two years.

Products from Apple - including iPhones, iPads, and the iTunes media service - are no longer immune despite the company's longstanding contention that its operating system is much more secure than others, notably Windows.

The threat is evident with the iPhone, with more than 60 patches designed to fix security vulnerabilities in the iOS 4 already released. The problems encountered included malware that allowed third-party applications to access information on an iPhone user's location without permission.

However, many users are undermining the security of their smartphones and other devices, including iPads and iTouch devices, by "jailbreaking" which allows users to unlock the operating system, thereby removing Apple-imposed limitations on what and where to download apps.

iPhone users these days don't even need any technical skills to get around Apple's restrictions. They can simply use JailbreakMe 2.0, a one-click, mobile, Safari-based utility. This tool also revealed a significant security flaw in the iOS 4, which Apple has since patched. Without the patch, iPhone users with jailbroken phones were susceptible to hackers who could gain access to root privileges and essentially take control of the devices.

Users are finding ample opportunity to download unofficial iPhone apps, including those from a market called Cydia, which provides access to "Installous" from Hackulous, an app that offers free, pirated versions of thousands of apps available through the iTunes store.

"Apple's iOS , Mac OS and the Google Android OS are areas that hackers have largely ignored, but now, these platforms are looking much tastier," said Mr Peterson.

Three years ago, there was no Android. Now, there are only a few major handset manufacturers that aren't developing devices based on Android. The growth of this platform will be exponential. From smartphones and tablet PCs to cars and refrigerators, we will see billions of devices, including millions used by businesses, relying on this platform in the next few years.

The relative youth of Android, including its apps and ecosystem combined with the sheer number of users will make it a very attractive platform for exploitation, says Scott Olechowski, a threat research manager of Cisco.

Horacio Zambrano, product line manager for Cisco, said the mobile applications marketplace is a way for cybercriminals to reach millions of users worldwide quickly, especially taking advantage of younger users.

Mediamark Research and Intelligence reports that the number of children using mobile phones has doubled since 2005, with one in five children in the United States aged between six and 11 carrying a mobile phone.

One notable example of an exploit aimed at compromising younger mobile users came to light in mid-2010. It was discovered that free wallpaper apps uploaded to the Android Market, featuring themes popular with children such as Star Wars and My Little Pony, were collecting unnecessary information from subscribers such as phone numbers and currently programmed voicemail numbers but not voicemail passwords or SIM card numbers.

The information was sent to a website owned by unknown parties in Shenzhen, China. The app was downloaded millions of times before the surreptitious data-collecting activity was discovered.

"Third-party mobile apps are emerging as a serious threat. And right now, that market is like the Wild West," warned Mr Zambrano. "No one is looking at these apps and determining what is a good app or a bad app."

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo