Cybercriminals targeting mobile phones are bolstering efforts to steal from victims, according to a report by mobile security firm Lookout.
Millions of dollars have been looted from unsuspecting individual and organizations around the globe using smartphone hacking viruses and malware, Lookout said in an annual threat report released last week Thursday.
The biggest threat is a type of malware known as “toll fraud,” in which software is installed capable of signing up for premium services including expensive text messages. Related schemes accounted for up to 79 percent of malware detected in the last year.
Viruses that steal cash have leapt from 29 percent to mobile malware to 62 percent, the report said.
The phone fraudsters are increasingly resorting to viruses that secretly add charges to user’s bills to cash in.
The cyberthieves used the viruses to get to phones via booby-trapped apps and through adverts and webpages carrying malware.
Lookout had over the last few months seen fraudsters stop experiment with methods to steal cash and move on to large-scale campaigns on networks where they knew they would succeed, according to Kevin Mahaffey, head of technology at Lookout.
“Lookout was starting to see attacks that did not directly try to steal money from a phone. Instead, they inserted a virus called “NotCompatible” on to a phone as a way to hide other nefarious activity,” said Mahaffey — as quoted by the BBC.
According to the report, this meant that some areas had been heavily affected by mobile malware once the fraudsters discovered a loophole to make the most of.
In June this year, 30 to 40 percent of those who signed up for Lookout’s security service in Russia already had malware on their phones. Places suffering significant levels of infection also included China and India.
The Lookout report also suggested that a small number of malware coders were behind the mobile viruses designed to steal cash. The viruses were later included into the crimeware kits for sale to the cyberthieves with little technical knowledge on how to automate the process of stealing cash.
The viruses later turn the phones into a proxy for fraudulent behavior.
Mobile phones infected with the “NotCompatible” virus would have traffic channeled to it that it would then pass on to a target website hence hiding the true source of the criminal, or traffic.
The cyberthieves might later use the viruses to artificially increase the popularity of an advert to generate larger returns to criminals.
The Lookout report based its conclusions on data collected from statistics from industry analysts and its 20 million users.
Smarthphone users are advised never to install a mobile app unless its it supplied via an approved app store for the device.
