Symantec Corp. has published new research titled “Motivations of Recent Android Malware”. This whitepaper provides an in-depth analysis of the current monetization schemes behind the growing wave of malware targeting the Android mobile computing platform and schemes likely to be seen in the future.
The paper’s key finding is that the majority of current efforts to monetize mobile malware have only a low revenue-per-infection ratio, thus limiting the return on investment achieved by attackers.
Talking to John Harrison, Symantec Product Manager for Endpoint Thread Protection, Security Technology and Response we found out this ratio is likely to increase in the future as smartphones gain traction as payment devices. Smartphone usage is growing exponentially.
The whitepaper offers insight into the top current mobile malware monetization schemes observed by Symantec, including how each scheme works and examples of the malware presently being used to carry them out. These schemes are:
In addition, the whitepaper describes potential revenue generating schemes likely to be seen in the near future that are capable of increasing cybercriminals’ return on investment. These include stealing and subsequently selling sensitive financial information – such as mobile banking credentials and mobile transaction authentication numbers (mTAN); selling stolen International Mobile Equipment Identity (IMEI) numbers for use on previously blocked or counterfeit phones; and peddling fake mobile security products, a tactic that has been highly successful in the PC realm.
The research also highlights the three factors needed for mobile malware to reach the levels of sophistication and breadth seen with threats targeting PCs. These factors are an open platform, a ubiquitous platform and sufficient attacker motivation
Noted is the rise in prominence of the Android platform, which has largely fulfilled the first two conditions, but the third remains in flux. The research suggests that attackers will only continue to invest in the creation of Android malware if current monetization schemes, and those likely in the very near future, succeed.
To address the potential of Android malware, Norton recently announced several offerings under its Norton Everywhere initiative. Norton Mobile Security Lite is a free download from the Android Market combining select anti-theft features with powerful antimalware, giving users a sense of security in the event their phone is ever lost, stolen or compromised by malware.
Enterprises may also find themselves at risk due to mobile malware, a threat that is compounded by the growing consumerization of IT trend and its accompanying management challenges. Symantec offers a full line of mobile security and management solutions to help organizations enable scalable, secure and integrated mobility.