For years security researchers have warned that it was only a matter of time before nasty digital scourges like malicious software and spam would hit smartphones.
Now they say it is has finally happened.
A particularly nasty mobile malware campaign targeting Android users has hit between four million and 4.5 million Americans since January of 2013, according to an estimate by Lookout, a San Francisco mobile security company.Lookout first encountered the mobile malware, called NotCompatible, two years ago and has since seen increasingly sophisticated versions, which have infected 50 million users.
Criminals infect smartphones primarily by infecting legitimate websites with malicious code. When victims visit the site from their mobile phone, they inadvertently download the code, in what is known as a “drive-by download.”In other cases, the attackers sent spam from hijacked email accounts to their victims. That technique, Lookout’s researchers say, successfully caused more than 20,000 infections a day. More recently, researchers say, attackers have been tricking their victims into installing the malicious code by disguising it as a “security patch” in an email attachment.
The attackers goal, researchers say, is to infect as many smartphones as possible and turn them into a so-called botnet, a network of infected devices that can be used by attackers for various malicious purposes.
Lookout says the malware, now on its third iteration, allows infected devices to search for and communicate with other infected machines and share intelligence. Attackers also have found a way to encrypt communications between their command and control centre and infected devices, which makes it more difficult to detect and decipher.
The latest version, Lookout said, “has set a new bar for mobile malware sophistication and operational complexity.”
All this malicious activity can be costly. The criminals are incurring data charges on phones that, ultimately, victims are held responsible for. As if that weren’t annoying enough, researchers say the malware causes tremendous battery drainage.
As with most malware discoveries, Lookout, the company sounding the alarm, has a stake in raising concerns about the security of mobile devices. Its mobile security application is able to identify the NotCompatible malware and keep it from infecting Android devices that have downloaded the Lookout app.