Known Mobile Malware Variants
The list below is not exhaustive and is meant to provide an overview of the most prevalent mobile malware impacting US victims. This page is updated regularly with new information.
What is mobile malware?
Mobile malware is malicious software designed to exploit the operating systems of smartphones and tablets. Once a device is infected, mobile malware is capable of disabling the device, allowing a malicious actor to remotely control the device, tracking the user's activity, locking or encrypting the device, or stealing personal information transmitted from or stored on the device. As users increasingly turn to mobile devices for both business and personal use, malicious cyber actors are increasingly developing malware designed to compromise these devices. In 2015, IBM researchers determined there was roughly the same number of infected mobile devices as there were infected PCs.
How does mobile malware work?
Mobile malware can infect users' mobile devices through a number of means, including clicking malicious links in SMS texts and webpages and downloading malicious applications. Once a device is infected, the actor can conduct malicious activity or load additional malware onto the device.
What data does mobile malware steal?
Banking Trojans designed to steal user credentials for online banking accounts and mobile are the most prevalent form of mobile malware, accounting for 30 percent of all mobile malware according to IBM Security Intelligence. Other mobile malware variants have the capability to log keystrokes, steal personal information, send SMS texts from the mobile device, and download crypto-ransomware to lock the device or encrypt files until the user pays a ransom.
Recommendations to mitigate mobile malware threats
- Immediately apply patches and updates supplied by the operating system vendor, the phone manufacturer, or the network carrier.
- Avoid downloading third-party applications from unauthorized sources.
- Avoid “rooting” devices, which allows the user to retain administrative privileges and provides attackers with ample opportunity to control a device.
- Bluetooth should be disabled when it is not required or in use.
- Consider downloading or purchasing an anti-malware app.
- Never trust text messages sent from an unknown user, especially on third-party messaging apps.
- Avoid responding to or clicking links in unsolicited text messages from unknown senders.
- Organizations operating with BYOD policies are urged to educate employees on mobile threats and vulnerabilities, implement monitoring and endpoint protection on all mobile devices, establish the capability to remotely wipe lost or compromised devices, and ensure programs and users have the lowest level of privileges necessary to complete tasks.
If you or your organization is the victim of mobile malware, please contact a Cyber Liaison Officer at firstname.lastname@example.org.