Tens of thousands of smartphones have been infected by a new type of botnet, designed to gather information such as passwords from affected mobile devices.
Cybercrime research company IntelCrawler believes this latest malware could be distributed via fake applications that are available to purchase from various app stores.
With many security experts claiming that mobile malware has at least doubled over the past 12 months, this latest scam highlights concerns for security on mobiles, especially when devices are being used for both personal and professional use.
Jonathan Foulkes, vice-president of mobile project management at Kaseya comments: “2013 was truly the year that mobile malware exploded, with Kaspersky stating that 104 421 mobile malware samples were found last year alone.
“Despite Android being typically cited as the most vulnerable type of device, this latest malware has affected a wide variety of handset types, showing that users of all operating systems should be wary when buying applications – even from those sources assumed to be the most reputable,” he says.
“While consumers are right to be concerned about their data privacy, mobile malware is causing even more of a concern for businesses who allow employees to use their personal handset for work purposes. Many IT teams struggle to find the right solution to help protect the device while simultaneously respecting employee privacy.
“One method which strikes the right balance is a containerised approach. This means that businesses can be sure that all sensitive corporate information is stored within a secure container on the phone, so that even if the handset is infected with malware or spyware, the corporate applications – and the data held therein – are safe.”
Foulkes adds: “Rather than telling employees what apps they can or cannot download on their phone, a containerised approach means that even if employees slip up and download a fake, malware-riddled application, they don’t risk leaking business critical information.
“While education regarding best mobile practices is an essential part of establishing an effective BYOD policy, having an extra layer of defence to ensure that the right information is securely fenced off can help ease BYOD headaches as the threat of mobile malware continues to rise.”
