U.S. Internet Crime Agency Warns Consumers of Mobile Malware

| News

Mobile device users should be aware of an alarming rise in malware targeting smartphones and tablets, according a press release Friday by the U.S. government’s Internet Crime Complaint Center (IC3). The IC3, a partnership between the FBI and National White Collar Crime Center, alerts users that the same security precautions that are recommended for traditional PCs and Macs should also be taken with their mobile devices.

Mobile Malware

Of particular concern to the IC3 is the recent propagation of the Loozfon and FinFisher malware. Loozfon, which targets Android-based devices and is spread by email, seeks to steal user data and tricks users into installing it by pretending to include information about a lucrative work-at-home opportunity. Once a user clicks the link provided in the email, a compromised web site automatically downloads and installs the malware which accesses the contact information from the device’s address book.

FinFisher — which targets multiple mobile platforms including Android, iOS, BlackBerry, Symbian, and Windows Mobile — gives cyber criminals the ability to track and control a user’s mobile device remotely. Like Lozfon, FinFisher is also spread by tricking users into visiting compromised websites.

The IC3 makes it clear that these are just two examples of the many forms of security threats that have emerged to target mobile devices, and the organization lists tips for protecting mobile device hardware and user privacy, including deactivating nonessential features, using device encryption, installing anti-malware software, disabling location services, not connecting to unknown wireless networks, keeping up to date with security and firmware updates, and not clicking on links from unknown sources.

While the majority of mobile malware has thus far targeted the open Android platform, users of devices from all companies should be cautious as the use of mobile devices continues to occupy more of our time and those with malicious intent work to exploit that fact.

Teaser graphic made with help from Shutterstock.

[via CNET]

Popular TMO Stories


Lee Dronick

“FinFisher — which targets multiple mobile platforms including Android, iOS, BlackBerry, Symbian, and Windows Mobile”

How does one get infected? Download an app? Drive by certain websites? Javascript?


I second Lee’s question. Some iOS jailbreaks have been acheived through visiting a website, so it’s conceivable that malware could infect an iOS device this way, but that would be major news if any recent iOS version is vulnerable to this, and it would be even bigger news if such an app were actually in the App Store.


According to this story from August:

The iOS variant requires iOS 4 or later and is executable on all iPad models, on iPhone 4 and 4S devices, and on third and fourth generation iPod Touch devices. The app installs in the background, downloads further code, and injects this code into the startup routine, anchoring itself deep into the system. …As the binary contains a valid developer certificate and an ad-hoc distribution profile, iOS devices accept it without the need for a jailbreak. The certificate was issued to Martin Münch – the managing director of Gamma International’s German subsidiary.

Surely Apple has revoked this certificate by now. One would also hope that they’ve made sure that email links can’t trigger silent background app installations.


Even an ad hoc app needs permission to install on iOS. They don’t install in the background as the article states.

The user needs to give explicit permission to install apps on iOS. This is an extremely low risk problem. It is the height of deception to equate it to the android malware problem. iOS users are used to installing apps thru iTunes, they are not going to be fooled into installing from a website. And as the above comment notes that certificate will have been revoked. Worst case Apple will just issue a remote wipe of the app and trigger a iOS reinstall to get rid of the rest. Try that on android wink

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account