Mobile Malware: Outlook and Defense Strategies
Software programs marked as malicious - also called malware - are programs which are used by attackers to execute malicious actions on a computer system. Some examples are the sending of spam messages or stealing of private information from the victims computer. Nowadays such malware is seen as a big threat on the Internet and countermeasures must be taken.
The majority of malware samples are focused on the Microsoft Windows operating system. But mobile devices, and specifically smartphones, emerge as a new target platform. These devices have access to more and more CPU power and memory in each new generation and they are capable of performing almost the same tasks as a normal computer can do. They additionally also contain a lot of information which are of great value for possible attackers, such as passwords, private conversations and address books. Several hundred different variants of malicious software for such devices have already been spotted and it can be taken for granted, that many more will follow over the next years. This assumption is backed up by the fact that these devices will have access to an ever-rising amount of data which is even more attractive for attackers. Additionally, it is rather easy for an attacker to directly monetize a successful attack: the possibility to send short messages to premium rated numbers can easily generate a hefty revenue. Therefore, effective countermeasures against mobile malware have to be developed to detect and mitigate the risks of mobile malware.
In: Research in Attacks, Intrusions and Defenses (RAID) Symposium, St. Lucia, October 2013