
Confidence 2010: The Four Horsemen – Malware for mobile

By Axelle Apvrille

Axelle's talk discusses four examples of mobile malware:

  • iPhoneOS/Eeki.B
  • Symbian/Yxes
  • WinCE/Redoc
  • Java/GameSat

While malware for mobile phones is far less numerous than malware for PCs, that does not mean that there are few infections.

  • CommWarrior (2005) > 100,000 infections
  • Yxes (2009) “hundreds of thousands of infections”

How many owners of jailbroken iPhones have actually changed their root password, as recommended by the authors of Cydia on the screen? This led to the spread of the Eeki worm.

The Yxes worm is actually very hard to detect because it comes with a valid application which is actually signed by Symbian.

All mobile malware has similarities:

  • Malware code is relatively simple, using standard APIs and no vulnerabilities etc.
  • They are almost all after money, via SMS, premium number, phishing.
  • There is some annoyware that locks or reboots the phone.

Application signing is not a panacea. As the Yxes malware has shown, it is possible to get malware signed, because code is not tested against malware.

So how can we stop malware?

Non-technical solutions:

  • Educate end-users
  • Sue malware authors
  • Display SMS and call codes explicitly

Technical solutions:

  • Anti-virus
  • Better analysis tools
  • Compartmentalizing processes
  • Permission structures for SMS sending and contact parsing