Mobile devices are rapidly replacing or complementing the personal computer at home and in the workplace. The rapid growth in smartphone and tablet usage over the past two years has led to the inevitable rise in targeting of these devices by cybercriminals. Moreover, some unregulated app markets increase the problems related with malware in these devices. Mobile malware writers know the best way to infect as many devices as possible is to attack central app markets.
There are many different ways that a hacker can profit from a compromised mobile device. Some of these, such as ransomware, botnet activity and data theft, have migrated from the traditional PC. Nevertheless, they are also open to new types of attack due to the nature of mobile devices. And, their very portability makes them vulnerable to being physically lost and the potential data loss as a result if the device is not encrypted or properly secured.
The continuing adoption of emerging apps for personal and business communication widens the attack surface, particularly for social engineering scams and data exfiltration attempts. The address book and social connections graph is a treasure for cyber-crooks of all sorts. Mobile and web applications control for business users will help mitigate this risk.
Today, the evolution of mobile banking poses a potentially even greater risk for users. Powerful mobile devices are already being actively targeted by malware designed to steal data and money since they make it easy for users to conduct financial transactions on the move. Therefore, protecting the smartphone from malware and keyloggers has to be a basic principle of secure mobile banking.
Security experts have been banging the drum about the threat of mobile malware for years. The fact that it has not yet materialized in a major attack has eroded the credibility of the claims, though, which means many users do not take it seriously and have let their guard down. The sheer volume of mobile devices, and the prevalence of new mobile malware threats only increase the likelihood that a major mobile malware attack will happen.
Kaspersky’s Bermingham said, “As consumers and businesses shift to using mobile devices for a greater percentage of their daily activities, cybercriminals will place a larger emphasis on targeting these platforms—specifically Android and jail-broken IOS devices”