Android malware steals location data from mobile devices
CSO - BitDefender Labs has discovered Android malware that regularly broadcasts the location of the infected mobile device to a remote server.
What the malware creators intend to do with the privacy-invading information is not clear. The app operates in the background and appears on the smartphone or tablet as an icon with the word "store" written on it.
The store icon is apparently meant to fool the device user into thinking that it is only an e-commerce app, according to Bitdefender. In actuality, the malware broadcasts latitude and longitude of the device, as well as the name of the wireless carrier. It also attempts to enable the device's Wi-Fi connection and scan for antivirusailable access points. All the data is transmitted to the remote server via the device's Internet connection.
[More on the subject: Security managers split on BYOD, skeptical of Android devices]
"Speculating on why all this information is broadcasted, we could conclude that infected devices act as beacons, providing attackers with a relative positioning of certain Wi-Fi networks and the frequency to which infected devices connect or interact with them," BitDefender said in a blog post on Tuesday.
The lightweight spyware has no user interface and transmits location information every couple of seconds. Because the malware runs so effectively in the background, Bitdefender believes it will eventually be bundled with other apps.
Whether it's spyware or another type of malicious app, the number of mobile malware is soaring. The rate of growth last year was 155 percent over 2010, according to Juniper Networks. During the first quarter of this year, the year-to-year increase was 30 percent, with spyware alone doubling. Most mobile malware is targeted at Android, the leading smartphone operating system.
While the increase in mobile malware is troubling, the actual number of infected smartphones and tablets remains relatively few when compared with PC infections. "While we probably haven't seen a widespread, malware epidemic in terms of the Android platform, there have been some that haven't been detected," Christian Kane, analyst for Forrester Research, said.
As a result, companies are looking for technology to manage applications and corporate data on employees' devices. The mobile security market was $674.8 million worldwide last year and is projected to top $1 billion this year, according to IDC. By 2015, the market is expected to reach $1.85 billion, a compound annual growth rate of more than 35 percent.
Symantec, hoping to grab a slice of the pie, announced on Tuesday its first enterprise-grade antivirus software for Android devices. Called Mobile Security for Android, the antivirus software checks suspicious apps against Symantec's blacklist of known malware. When a bad app is discovered, the software can be set to notify the device user and a corporate security team through a mobile device management console.
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Do More With Less: How CARFAX Consolidated Their Security Solutions Through a consolidated F5 solution, CARFAX cut site downtime to zero, secures its data, and deployed a high-performance infrastructure to support its rapid...
- F5 Data Center Firewall Aces Performance Test F5's BIG-IP 10200v with Advanced Firewall Manager (AFM) can handle traffic at 80-Gbps rates while screening and protecting tens of millions of connections...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Data Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!