]Smartphones have become the next biggest malware target, according to a security expert.
Dr Charlie Miller, principal analyst at Independent Security Evaluators, says cyber criminals are primarily targeting smartphones for financial gain by attempting to steal personal information off them.
During next month's ITWeb Security Summit, being held at the Sandton Convention Centre, Miller will speculate as to whether smartphones will evolve into general purpose computers.
Malware and application attacks are the two biggest threats targeting smartphones, according to Miller.
“Often malware may be disguised as something useful but actually does something malicious. The other threat is an attack against the core applications themselves, often called drive-by-downloads. Here, the user just visits a Web site and the site exploits a vulnerability in the Web browser to run code of the attacker's choosing.”
Miller explains that smartphones have more similarities with computers than with phones from just a few years ago. He cautions users to have the same security awareness around smartphones as they do with PCs.
“They contain relatively standard operating systems and have Web browsers. However, while computers are relatively open platforms that allow you to download and run any program you want, often phones are restrictive and only allow you to run certain applications. For example, the iPhone only lets you run applications from the AppStore.”
Miller adds that iPhones are becoming increasingly targeted by cyber criminals. He cites the example of an iPhone application developer who illicitly gathered users' cellphone numbers without their permission. He adds there have been cases where cyber criminals have deployed a worm that targets iPhones and turns the phone into a botnet.
According to Miller, smartphone users should avoid following links and downloading applications from untrusted sources. In addition, users should consider what information they make accessible on their phone if they lose it. “It is way more likely a typical user will leave their phone in the back of a taxi than visit a malicious Web site,” says Miller.
Share