Android and iPhone malware attacks incoming


Five per cent of all Android and Apple iPhones will be infected with malware in 2012, a security expert has predicted.

Many security companies have been predicting the imminent spike in mobile attacks, yet cyber criminals have thus far been unable or unwilling to cause serious harm.

Nevertheless, Trusteer chief executive (CEO) Mickey Boodaei said he expects one in every 20 Android mobiles and iPhones will be infected by financial malware and Trojans within the next 12 months.

"Fraudsters have all the tools they need to effectively turn mobile malware into the biggest customer security problem we've ever seen. They are lacking just one thing - customer adoption," he said.

"The number of users who bank online from their mobile devices is still relatively low. Additionally, transactions are not yet enabled for mobile devices on many banks' websites. Since online fraud is mostly a big numbers game, attacking mobile bankers is not yet an effective fraud operation."

Android an ideal target?

Android has had some security scares already, in particular when a host of Trojanised apps appeared on Google's official mobile app marketplace.

Boodaei suggested Google's architecture was not prepared to deal with the incoming slew of smartphone security threats.

"Android's security architecture is not currently up to the challenge Building a powerful fraudulent Android application that steals and abuses your identity and your bank account is almost trivial," he said.

"Distributing these applications on the Android Market is even more trivial. There are no real controls around the submission process that could identify and prevent publishing malicious applications on these stores. Compared to Apple's App Store, Android Market is the Wild West."

At the time of publication, Google had not offered a response to Boodaei's claims.

iOS didn't' escape Boodaei's scorn either, even though he admitted it wasn't as simple to create malicious apps.

The main flaw in the Apple system comes through jailbreaking, as highlighted by other security pros last week with the latest JailBreakMe release.

"Unfortunately many users jailbreak their devices as they want to run all sorts of applications that are not on the App Store," he added.

"But what's more unfortunate is that vulnerabilities in iOS could allow malicious websites to jailbreak a device and infect it with malware without the user's consent or knowledge."

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.