Symantec Threat Researchers: 7 Android Monetisation Schemes

Symantec Threat Researchers Profile Top 7 Android Monetisation Schemes

Experts say only the beginning in terms of quantity and sophistication

Today from Pepcom Mobile Focus at CTIA Enterprise & Applications, Symantec Corp. (Nasdaq: SYMC) announced the publication of new research titled “Motivations of Recent Android Malware” (PDF). This whitepaper provides an in-depth analysis of the current monetisation schemes behind the growing wave of mal¬ware targeting the Android mobile computing platform and schemes likely to be seen in the future.

The paper’s key finding is that the majority of current efforts to monetise mobile malware have only a low revenue-per-infection ratio, thus limiting the return on investment achieved by attackers. However, this ratio is likely to increase in the future as smartphones gain traction as payment devices. Smartphone usage is growing exponentially, with new mobile device shipments increasing 55 percent in 2010.

The whitepaper offers detailed insight into the top current mobile malware monetisation schemes observed by Symantec, including how each scheme works and examples of the malware presently being used to carry them out. These schemes are:

• Premium rate number billing scams
• Spyware
• Search engine poisoning
• Pay-per-click scams
• Pay-per-install schemes
• Adware
• mTAN stealing

In addition, the whitepaper describes potential revenue generating schemes likely to be seen in the near future that are capable of increasing cybercriminals’ return on investment. These include stealing and subsequently selling sensitive financial information – such as banking credentials; selling stolen International Mobile Equipment Identity (IMEI) numbers for use on previously blocked or counterfeit phones; and peddling fake mobile security products, a tactic that has been highly successful in the PC realm.

The research also highlights the three factors needed for mobile malware to reach the levels of sophistication and breadth seen with threats targeting PCs. These factors are an open platform, a ubiquitous platform and sufficient attacker motivation

Noted is the rise in prominence of the Android platform, which has largely fulfilled the first two conditions, and we’re seeing the beginning of the third. The research suggests that attackers will no doubt continue to invest in the creation of Android malware as monetisation schemes evolve.

Quote:
“Mobile technology is advancing at a rapid pace and cybercriminals are keeping close tabs on these developments,” said Eric Chien, Technical Director, Symantec Security Technology and Response. “The marked increase in mobile malware – particularly that targeting the Android platform –is likely only the beginning in terms of both the quantity of threats and their sophistication.”

Protecting Consumers
To address the potential of Android malware, Norton recently announced several offerings under its Norton Everywhere initiative that go beyond Internet security and give consumers the power to protect themselves and their families across multiple devices and platforms.

• Norton Mobile Security Lite is a free download from the Android Market which seamlessly combines select anti-theft features with powerful antimalware, giving users a sense of security in the event their phone is ever lost, stolen or compromised by malware.
• Norton Tablet Security is a new offering designed specifically for Android tablets to protect devices, privacy and important data against loss, theft, viruses and other threats. It includes web-based antitheft functions like Report Lost, Lock, Locate and Sneak Peek in addition to Antimalware and antiphishing protection.

Protecting Enterprises
Enterprises may also find themselves at risk due to mobile malware; this threat is compounded by the growing consumerisation of IT trend and its accompanying management challenges. Symantec offers a full line of mobile security and management solutions to help organisations enable scalable, secure and integrated mobility.

• Symantec Mobile Management 7.1 is a scalable MDM platform that enables enterprise-wide mobile email and application rollouts, safeguards mobile data and devices and provides comprehensive visibility and control of the mobile environment.
• Symantec Endpoint Protection Mobile Edition 6.0 offers comprehensive protection against malicious threats with award-winning antivirus technology, an advanced firewall and SMS Antispam features.
• Symantec Encryption Solutions Symantec Encryption Solutions protect confidential information on hard disks, in e-mail communication and on mobile devices and are centrally managed through a single console to automatically enforce security policies.
• Symantec Validation and Identity Protection (VIP) provides two-factor authentication to verify users’ identity when logging into online accounts. The VIP Access for Mobile credential can be downloaded onto more than 800 different mobile phone models and provides out-of-band authentication across more than 700 websites.

Click to Tweet: New Symantec research details monetisation schemes & trends behind recent #Android malware http://bit.ly/oy5OMk

ENDS

© Scoop Media