Experts: Get ready for smartphone malware

IT pros know it’s only a matter of time before viruses for mobile phones become widespread. But that time may be coming sooner than many think.

That’s the word from security analyst Tim Armstrong of Moscow-based security firm Kaspersky Labs.

During a recent meeting of the Messaging Anti-Abuse Working Group in Arlington, Virginia, Armstrong noted that “this might actually, finally, be the year” that mobile malware becomes widespread.

Kaspersky Lab uncovered more than 1,550 mobile malware signatures in September, InfoWorld reports.

Armstrong pointed to a recent exploit targeting Russian Android phones in which a virus caused devices to send text messages costing roughly $5 each without the owners’ consent.

Given the far-reaching functionality of smartphones and the increasing amount of personal data kept on them, there could be a lot of money to be made by developing malware to attack mobile devices. Experts warn businesses that hand out smartphones prepare now by updating policies and investing in security controls.

  • Rudy Rash

    Tim Armstrong of security firm Kaspersky Labs is a little late with his comment. “this might actually, finally, be the year” that mobile malware becomes widespread (October 18, 2010 IT Manager Daily). A day or so prior to one of Verizon Wireless’ past mobile web outages (this one spread from the eastern US westward) I received a fleeting message from one of my security measures that a “cell phone virus had been detected” when I logged onto my mobile web account. I called Verizon Wireless customer service to report the cell phone virus warning when the mobile web outages later hit. VZW’s representative just “blew me off” saying that VZW had everything under control and were working to stop the outages from spreading beyond the mid-west. Beyond the mid-west !!! ??? If a spreading outage or spreading denial of service attack doesn’t fit the pattern of a virus or worm malware I don’t know what else it could have been. As long as ISP’s, communications companies, and private network administrators among others deny that there is a mobile malware problem and don’t take measures to secure their networks then we’re going to wake up to a world where everything really doesn’t work. The US military and other governments already know that there are rouge governments and demented individuals working on ways to attack power grids, nuclear power plant controls, public works systems, etc., so are we going to wait until malware attacks the control systems/software for “grandma’s” respirator, heart monitor, pacemaker, etc.? Wake up people!!! Do short term profits outweigh small but consistent security expenditures to secure a technological society from catastrophic failures?