“Sophisticated” Malware Strikes Android Devices

by Matt Klassen on November 24, 2014

Mobile malware is becoming increasingly complex and a newly upgraded threat, dubbed NotCompatible, is considered one the most sophisticated of the bunch, according to security firm Lookout. This particular sneaky little piece of malicious code infiltrates directly into Android’s core code, meaning it operates on a deeper level than malware imbedded in apps or other software. By penetrating so deeply into Android, Lookout explains, it’s harder to detect and even harder to defeat.

“The group behind NotCompatible are operating on a different plane to the typical mobile malware maker,” says Jeremy Linden, a security analyst at Lookout, a dark prediction in a mobile market where security firms are already one step behind malware operators. Now, it seems, there’s little hope that the good guys are going to win this fight.

The most disconcerting thing about this malware operation is that the infected phones are effectively transformed into droids in the cyber-thieves’ army, drones that are networked together and employed in a variety of nefarious schemes, often rented out to crime groups that need a “ready source of Android users.” What’s worse, there seems little we can do to stop it.

As mentioned, the problem with NotCompatible is that it penetrates so deeply into Android’s code that its hard to detect and defeat, perhaps the reason that this particular piece of malicious code is now on its third iteration, a new upgrade that on malware that first appeared on the scene in 2012 and is now so advanced that its as sophisticated, if not more, than malware targeted at desktop computers.

Now of course it’s really no surprise that cyber-criminals are focusing on the mobile market, as our mobile devices have become an inexorable part of our lives. In fact, the centrality of mobile devices in our modern lifestyle presents a tantalizing target for cyber-criminals, said Eldar Tuvey from mobile security monitoring firm Wandera

“We’re definitely seeing the bad guys focus their attention on mobiles,” he said. “That’s because more time is now spent on apps on phones than desktops.”

The goal, of course, is information, our personal data that can be used to access vital online resources like banking, or simply covertly developing a digital picture of us in order to create more focused and attractive spam. This task is made all the easier as mobile users often employ the same password across several services and devices, making accessing, infecting, and employing these devices to nefarious ends dangerously easy.

The most disconcerting thing about this, though, is not only that our dependency on mobile technology presents an attractive target for cyber-criminals, but that mobile security lags so far behind the extant malware threats. Add to that the fact that mobile gatekeepers for Android and iOS apps often are insufficient to recognize and root out today’s malware threats, and the reality of the situation is grim indeed.

“The trend is only moving in one direction,” Tuvey said. “The criminals are sharing information between themselves and they are learning about how to improve the efficiency of their attacks.”

Did you like this post ? TheTelecomBlog.com publishes daily news, editorial, thoughts, and controversial opinion – you can subscribe by: RSS (click here), or email (click here).

Written by: Matt Klassen. www.digitcom.ca. Follow TheTelecomBlog.com by: RSS, Twitter, Facebook, or YouTube.

Comments on this entry are closed.

Previous post:

Next post: