In the advent of 21 Century mobile phones are gaining its popularity which distinguish from “featured” phones by their hardware capabilities and extensive mobile operating systems, that facilitate software, internet and multimedia functionality of which includes music, video, cameras and gaming, alongside core phone functions such as voice calls and text messaging.
Mobile phones are much more reliable today as human entrust much on it as it store loads of personal digital data – from checking bank accounts, to paying products from a single tap of the screen, to checking with friends and famility messages over social media, to accessing work emails – this have turned our phones into goldmine of personal information.
How can we depend on Mobile phones?
According to British psychologist, Dr. Richard Wiseman, the overall pace of life has increased by 10% worldwide since the mid-90’s. In some places, it has even increased by 20% with that, we tend to forget and neglect that our mobile phone is essentially a pocket-sized computer and that, just as with any device that can connect online, mobile phones are at high risk of all sorts of attack.
The good news is that mobile malware is still fairly uncommon, with the total rate of infections standing at 8 percent. Mobile malware is outnumbered by PC attacks 40-1, as mobiles operate on far more customized systems, and malware must be tailored to a specific system attack.
According to McAfee However, mobile malware has been increasing at an alarming rate. There was a27 percent increase in new mobile malware in the last quarter of 2017.
Kinds of Mobile Phone Malware
Below are samples of Mobile Phone malware:
- SMS malware: This involve creation and distribution of malware by hackers designed to target a victim’s mobile device, these Trojan are designed to make unauthorized calls of send unauthorized texts without the user’s consent. Incidentally, the most destructive malware threat for Android are those executed online via Mobile Apps like Droid09 – capable of uploading several phone online banking apps, Android. PjappsM – this steal information from infected devices and enroll the device in a botnet that then launched attacks on website to steal more data and infect more devices and Geinimi – corrupted a number of legitimate Android games on Chinese download sites, and added infected to a mobile botnet.
- Rooting malware: This bug type of malware can gain root access to a compromised device in order to provide the culprit with privelege access to user’s files. One known sample Godbless, has been found lurking on app stores including Google Play, this hides inside an app uses exploits to try to root the OS on your phone it contains various exploits to ensure it can root a device, and it can even install spyware.
- Mobile spyware: This form of malicious software can infiltrate seemingly benign programs and secretly monitor your activity, record your location, and steal sensitive passwords. In early 2017, the Viperat spyware targeted Israeli soldiers serving around the Gaza strip, leveraging social engineering techniques to steal photos and audio files from their smartphones. In March 2016, ‘SmeshApp’, a calling and messaging app on Google Play store, was allegedly used by Pakistan in to spy on Indian military personnel and again in 2016, a Russian APT group was suspected of using Android spyware to track Ukrainian field artillery units, these cases of espionage do not only affect militaries and governments but rather serve as just another example of how cyber threats are evolving and continue to use mobile as their attack vector.
- Mobile banking Trojans: As mobile banking grows in popularity, an increasingly grave problem in the cybersecurity world is mobile banking viruses. In 2017, mobile banking Trojans attacked close to 260,000 users across 164 countries. Attackers masquerade as a legitimate banking app to lure users into installing it, only to steal their credentials. One of the most successful mobile banking trojans, responsible for stealing funds from hundreds fo thousands of users worldwide is It outperformed malware including Svpeng and Faketoken, in terms of sheer number of attacks
How can we be safe:
- Keep in mind public WiFi is unsecure
This is a no no, accessing sensitive information over public WiFi, such as logging into your bank or checking sensitive work emails, as hacker may be able to intercept WiFi packets via MITM attack.
- ONLY download apps from official app store
Smart hackers have been know to slip past the walled garden of the App Store and the security measures of Google Play Protect, but your chances of downloading a malicious app are far lower if you stick to the official app stores.
- Keep your operating system updated
Cybercriminals gateway to being hacked is thru your operating systems flaws to gain access to outdated smartphones. To minimize this risk be sure to install updates to your software as soon as a new version is released.
- Encrypt your device
Encrypting your phone will scramble all files so that only you have access to them. You’ll need to enter a PIN or password to decrypt your phone every time you want to use it which includes all application stored in your phone.
- Review your access authorizations
Oftentimes when consumers download new apps they don’t take the time to read the Terms & Conditions, or consider what data they are allowing the app to access. In some cases, it may be useful to allow an app to access your location, such as a transport or weather app. But does the app need to know your location even when you’re not using it? Review your app permissions in your privacy settings, and disable any consents that don’t seem essential.
- Turn off your autocomplete feature
This may have been simple, but doing this can prevent store critical personal data from being accessed.
- Regularly delete your browsing history, cookies, and cache.
This virtual footprint or trace will minimize the amount of data that can be harvested by prying eyes.
Overall, Mobilephones is by far the most used and viable piece of device it is never too late and be protected until our vital information is released in the web and be atoned.
