Fortinet expert warns on mobile malware that encrypts its data streams

A mobile malware specialist with Fortinet has warned on the latest smartphone trojans that encrypt stolen data
A mobile malware specialist with Fortinet has warned on the latest smartphone trojans that encrypt stolen data

According to Axelle Apvrille, a senior anti-virus analyst and researcher with Fortinet, the latest malware she and her team have analyzed was found in the wild after infecting around 100,000 users' smartphones, mainly in the Far East.

“We expect to see the use of cryptography on mobile malware to become more common, as will the general mobile malware issue”, she said.

Speaking with Infosecurity at the RSA Europe event this week, Apvrille went on to say that because the malware uses encryption techniques to evade detection, its presence cannot be as easily detected by the cellular networks, simply because pattern recognition techniques cannot be used on the data flowing across the mobile internet.

She added that the problem of mobile malware is set to get worse as cybercriminals increasingly target the smartphone platform.

Furthermore, she asserted, the cellular carriers may not be doing as much as they should, as the mobile malware actually increases their revenues, especially when an infection generates text messages to premium rate numbers.

The best solution, she said, is to install a tried and tested IT security app on your smartphone and then use that to detect the presence of malware.

Interesting Apvrille is also mildly critical of current efforts to detect trojans and other forms of smartphone malware, which she claims takes place mainly in the labs.

The solution, she says. is to set up a private cellular base station in order to analyze mobile malware in a real-world – or as close to real-world – situation as possible.

Using a private text GSM base station, she added, allows researchers and other interested parties to monitor mobile malware that communicates with remote hosts on the internet, without risking spreading the sample onto real networks.

What’s Hot on Infosecurity Magazine?