Malicious software and updates on iOS and Android is a menace and big time headache to people who run their businesses through phones and keep all private information stored on their phones.
These mobile viruses commonly called as malwares infect mobile phones in such a way that you would knot know what they would be targeting and leaking out of your phones to leave your handset utterly useless. Why do you think these hackers spend so much their energy and time to create such malwares? Simple answer: Money.
The recent malware that hit the world was judy malware which attacked 41 apps on Google Play Store. It seems to have made money for its creators by repeatedly auto-clicking on advertisements. Other mechanisms for mobile malware monetisation include covert sending of premium rate SMS messages, financial fraud and credential theft.
There are a number of different ways through which criminals infect your phone:
Application republishing: Apps are automatically downloaded, infected with malware, then republished to app stores, both official and unofficial. Attackers making use of this strategy may publish under the original app name or one that is slightly different. An example of republishing malware was seen recently with the MilkyDoor malware, which allows attackers to bypass firewalls.
Malvertising: Advertisers provide packages of code to allow developers to incorporate ads into their apps. There have been instances in which attackers have managed to purchase advertisements that perform malicious actions through an otherwise benign app. An example of this was the Svpeng malware, which was installed via Google AdSense ads targeting Google Chrome for Android users in Russia. The users did not have to click the ad – simply opening a page and displaying the ad was enough.
Application acquisition: Some developers may wish to sell their apps outright. There is potential for the new owners to release malicious updates that will be automatically installed. While there are no documented cases of this occurring on mobile platforms, developers of browser extensions have spoken out about this issue. In some cases, it is possible to purchase applications with hundreds of thousands of users for a few hundred dollars.
Infected development tools: In one (documented) case, it was reported that infected app development tools were being distributed to app authors. A version of XCode, the primary tool used by iOS developers, would insert malicious functionality into applications that it built and prepared for distribution. Apple told Reuters at the time it was working with the developers to ensure “they’re using the proper version of Xcode to rebuild their apps”.
What are the solutions to these attacks?
Unfortunately, there isn’t a single solution to these issues.
End users can ensure they only install applications from reputable developers, app marketplaces can continue to improve detection mechanisms and operating system developers can continue to improve security.
Nevertheless, malware authors will not be far behind in improving their strategies and devising new ways to compromise devices.