Symantec peers into the future of Android malware

According to Eric Chien, a security researcher with Symantec, despite the surge in reports of Android malware, the increase is not reflected elsewhere in the software business.

The reality, he said, is that cybercriminals are still very much in the exploratory phase of figuring out how to monetize the exploitation of mobile devices.

Citing his team's white paper on the issue, Chien says that Symantec's analysis highlights how most current efforts to monetize mobile malware have only a low revenue-per-infection ratio.

This has, he says in his latest security posting, severely limited the return on investment achievable by attackers.

“It also offers detailed insight into the top current mobile malware monetization schemes observed by Symantec, including how each works and examples of the malware presently being used to carry them out”, he said, adding that these schemes include:

  • Premium-rate number billing scams
  • Spyware
  • Search engine poisoning
  • Pay-per-click scams
  • Pay-per-install schemes
  • Adware
  • Stealing mobile transaction authentication numbers

And here's the bad news, as Chien said that the research also points out that the currently struggling revenue-per-infection ratio is primed to improve.

The trigger, he added, will likely be advances in mobile payment-type technology and the widespread adoption of using mobile devices for both payment and accepting payment.

“The key is that these applications rely on devices to transmit financial information – such as mobile banking credentials – backed by real monetary funds. We’ve learned in the PC world just how lucrative the exploitation and sale of this kind of information can be for enterprising cybercriminals”, he explained.

The Symantec researcher went on to say that many vendors are now using mobile devices such as smartphones and tablets as point-of-sale devices.

For example, he noted, a farmer’s market vendor or a taxi driver may now swipe your credit card through their personal smartphone rather than a dedicated point-of-sale device.

A malicious attacker who has infected these devices – which is likely easier than infecting existing point-of-sale devices – could potentially skim every credit card transaction.

Against this backdrop, Chien predicted that future Android malware will carry out more sophisticated frauds, including the sale of stolen mobile IMEI numbers for use on previously blocked or counterfeit phones, and peddling fake mobile security products.

This is, he observed, another tactic that has been highly successful in the PC realm.

What’s hot on Infosecurity Magazine?