The History of Mobile Malware

by Joe Graceffa, on January 10th, 2017
mobile malware blog lower qual

As mobile phone ownership grows, so does the likelihood that users will fall victim to mobile malware threats and attacks. Although mobile malware is a relatively new phenomenon, with the first malware attacks on smartphones being traced back to 2004, it’s quickly grown into a multi-million-dollar operation, affecting millions of smartphone users around the world. When it comes to iOS and Android security, there are four main types of malware to be aware of: spyware, Trojans, phishing attacks, and hidden processes. Although each type of malware operates in a different way, they all have one main goal: to extract personal data and make money from unsuspecting users.

 

[Worried about becoming a victim? Find McAfee promo codes here!]

 

2004-2006: Breaking Ground

 

Year after year, malware threats get more and more sophisticated. To better comprehend the intricacies of today’s malware, it’s important to understand its history, which can be traced back to Cabir in 2004. Cabir targeted devices running Symbian OS (the most popular operating system at the time) and, once infected, the word “Caribe” was displayed on the device’s screen. If Bluetooth was enabled, Cabir would push itself onto other devices, prompting users to agree to download it. Although it wasn’t malicious, the concept was expanded upon by hackers with a more mischievous intent.

 

In 2005, Commwarrior took Cabir’s concept further- by forcing users to pay for unnecessary cell phone charges. Here’s how: a phone that was infected with Commwarrior sent a constant stream of MMS messages to everyone in the address book. Since this was before data plans, users with left with a hefty cell phone bill. And, once the message was opened by an unsuspecting user, the malware installed itself on their phone. While the Commwarrior creators didn’t reap any monetary benefits from the malware, it was one of the first instances of malware that affected victims financially.

 

2007-2009: Spyware & iPhone Malware

 

Spyware, or a type of software that enables a user to obtain private information about another’s online activities by transmitting data secretly from their hard drive, was first introduced in the mid-2000s. FlexiSpy, one of the earliest types, was very successful at tracking the activities of a smartphone user. Everything from SMS information and phonebook data to voice calls and browsing history could be tracked and relayed to third parties. Presently, FlexiSpy is advertised as a way to secretly monitor the online activities of spouses and employees.

 

[Use Norton coupon codes to protect yourself from spyware]

 

The 1st gen iPhone was released in 2007, and hackers weren’t far behind. In 2009, the Ikee malware was developed to specifically target Apple’s iPhone. Distributed between jailbroken Apple devices, Ikee was more funny than malicious. Contrary to most malware, it didn’t extract personal data or hack into a user’s phonebook. Instead, it changed the infected iPhone’s wallpaper to a photo of the singer Rick Astley, and then searched for other iPhones on the network to infect. While it wasn’t malicious, it was a reminder that iPhone malware protection was just as important as Android security.

 

2010: Follow the Money

 

2010 was a major year for mobile malware. It was when mobile hackers transitioned from sole individuals to widespread organizations that operated without geographical limits. From this year on, malware detection experts saw an explosion of cybercriminals working together to generate money. Around this time, it wasn’t uncommon for a cybercriminal to make a living from exploiting vulnerabilities on smartphones. In fact, some present-day hackers make $7,500 per month by holding people’s data hostage. One notable example is Zitmo, also referred to as Zeus-in-the-mobile. This Trojan could migrate from a PC environment to a mobile environment and back again, leading to massive losses by those who prefer to do their banking online. The Trojan stole transaction numbers, effectively allowing the hackers to evade online security processes.

 

2011-2014: Android, Android, Android

 

As Android continued to dominate the marketplace, cybercriminals began to take advantage of the potential it offered. In 2011, the Trojan DroidDream was discovered in Google Play. This Trojan infected more than 50 apps, each with tens of thousands of downloads, leading to sensitive user information being sent to third-parties. In some cases, the Trojan even installed other unauthorized apps on the infected device. In an effort to minimize the damages, Google removed the affected apps from its store as soon as they found out about DroidDream.

 

[Protect your Android and save with McAfee promo codes!]

 

In 2012, another Trojan called Boxer was created to attack Android phones. Similar to Commwarrior, Boxer burrowed into a user’s phone and sent premium-rate SMS messages unbeknownst to the user. It was prevalent in 63 countries, where it took advantage of mobile country codes and mobile network codes to send SMS messages and charge users premium rates. A year later, the first example of mobile ransomware surfaced. FakeDefender displayed bogus security alerts, and tried to convince users to buy an app under the false promise that it’d eliminate non-existent malware.

 

2015 & Beyond: Threats Continue to Escalate

 

In 2015, mobile malware attacks continued to escalate, and are expected to escalate even further in years to come. In fact, a 2016 report by Nokia Threat Intelligence revealed that malware attacks on smartphones rose by 95 percent from January to April 2016 alone. A good example of the sophistication of modern day malware is SMS Thief, a malicious app hiding itself as an uninstaller utility. Once installed, it copies and forwards all text messages from the Android smartphone to third parties, leading to a loss of sensitive personal information and costly cell phone bills.

 

Ultimately, mobile malware will only become more malicious and more difficult to detect as time goes on, but there are a few things you can do to protect yourself. Always keep your apps up-to-date, and always keep safe browsing methods in mind. Don’t click on suspicious links, avoid overly spammy and adult websites, and install anti-virus software on both your desktop and smartphone. Many individuals make the mistake of only installing anti-virus and malware protection on their desktops and laptops when, in reality, more searches take place on mobile devices than computers. 

 

[Install malware protection with Norton coupon codes!]