This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
This research paper explains the Smartphone warms and viruses using Android. Worms, spam, viruses and hackers they're not just for your desktop or laptop anymore. According to internet security experts they could be well on their way into your pocket or purse. The popularity of Smartphone like the Blackberry, iPhone, Palm and the emerging Droid is on the rise and shows no signs of letting up. And that's making the phones a sweeter target for online ne'er do-wells looking to, at the very least, cause mischief and, at worst, rip off unsuspecting phone owners."It's guaranteed that almost everything we see on a computer will show up on a Smartphone and some new things," said Jake Widman, a San Francisco-based technology writer and analyst. With Apple planning to release the iPhone in China, and a more affordable Android handset expected to hit the market by the end of the year, the pool of potential targets is only expected to get deeper. And compared to even a year ago, when analysts say most people used Smartphone mostly for voice calls and e-mail, an increasing number of users are now surfing the Web, paying bills and doing other activities that open them up to abuses."When the market increases, there are generally more people going after it because there's a bigger potential for gain," said Andrew Storms, who directs safety efforts at online security company nCircle. "What we haven't seen is the massive anonymous attacking across all of the Smartphone bases," Storms said. "[Traditional] worms and viruses continue to breed and move on from computer to computer -- the attacks we see today on the Smartphone market are targeted attacks."Security analysts say they've already seen all of the major online threats -- Trojan horses, viruses, worms -- spreading on smart phones, often through e-mail attachments sent to the phones. One attack even used a Bluetooth headset to try to attack other Bluetooth users within 20 feet of the infected unit. Security problems were most pronounced in the early days of the Smartphone when a majority of them ran on a single operating system and it was easier for malware to spread from one phone to the next. One of the problems now, analysts say, is that people who take security precautions on their home computers either forget to do so with their phones or don't think they need to in the first place.
"We've not become accustomed to thinking twice about it," Storms said. "The risk exists. It's going to continue to exist and continue to increase."
A survey by security firm Trend Micro Incorporated suggested that only 23 percent of Smartphone users enable security software already loaded onto their phones and 44 percent think surfing the Internet on their phone is as safe or safer than doing so on a desktop computer -- even with no security software.
The good news, experts say, is that phones present problems for hackers and other bad guys that traditional computers don't.
Most viruses and other malware are designed for Windows, because that's the most popular operating system. Since Smartphone use a variety of different platforms, someone writing malicious software needs to pick and choose.
And while e-mail databases exist that enable phishes, spammers and others to blast their messages to huge chunks of users at once, it's tougher to get lists of telephone numbers, much less numbers specifically for Smartphone users.
A smartphone is a mobile phone built on a mobile operating system, with more advanced computing capability and connectivity than a feature phone. The first smartphones combined the functions of a personal digital assistant (PDA) with a mobile phone. Later models added the functionality of portable media players, low-end compact digital cameras,pocket video cameras, and GPS navigation units to form one multi-use device. Many modern smartphones also include high-resolution touch screens and web browsers that display standard web pages as well as mobile-optimized sites. High-speed data access is provided by Wi-Fi and Mobile Broadband. The mobile operating systems (OS) used by modern Smartphone's include Google's Android, Apple's iOS, Nokia's Symbian, RIM's BlackBerry OS, Samsung's Bada, Microsoft's Windows Phone, Hewlett-Packard's webOS, and embedded Linux distributions such as Maemo and MeeGo. Such operating systems can be installed on many different phone models, and typically each device can receive multiple OS software updates over its lifetime.
As Smartphone's become more and more popular, and their connectivity and processing power increase, they are attracting more attention from malware writers around the world."A big tree attracts the woodsman's axe."
Computer security experts have predicted since 2009 that viruses (actually "malware", which describes all types of malicious software) will hit Smartphone's. It appears that 2011 will be the year of Smartphone viruses. This hub will go into some detail on how do you get Smartphone viruses, what sort of damages can a Smartphone virus do, and what you can do to protect yourself.
Android's Open Problem
Google would have very little recourse since it already charges nothing and enforcing some sort of Google Apps requirement would alienate its core customers (manufactures/carriers) as well as be a PR mess after selling Android as an open platform.
This is the predicament Google is in. Any effort to exert control over Android by Google will remain toothless and unenforceable unless they directly contradict their "Open" mantra. The problem has recently been made apparent with reports that Google has been requiring Andy Rubin's blessing for early access to code as well as 3.0s half-baked source code being withheld from the community. Just as predicted this has lead to some bad PR and community backlash. That said, the negative response has been tempered by two realities: Google is a media darling and most Android advocates realize their platform would benefit from greater Google driven standardization, lest Android turn into something like this.
I suspect these two events are indicative of Google's strategy to exert control over it's ever fragmenting OS. Up until now handset makers haven't had incentive to provide the latest Android version because most consumers haven't noticed enhancements introduced by the various 2.x releases, especially when said changes have been buried under the plethora of custom interfaces. Honeycomb, on the other hand, is gearing up to be a major release for handsets with highly visible interface and feature enhancements. A must-have Honeycomb would make early access a necessity for manufacturers to stay competitive and provide Google the leverage needed to stem fragmentation, limit UI customizations, and protect their interests.
The only problem with this solution is that handset makers don't see Android as a platform as much as they see it as a feature. As such they are slow to update and tend to obfuscate rather than advertise specific Android versions. They don't care about having the latest and greatest Android so why would they care about having early access to future releases, especially if that access has strings attached. If manufacturers opt for continue free reign, withholding code may actually result in even longer release turnaround and even more fragmentation. Even if Google is able to get manufacturers onboard with Honeycomb, what's to stop them from jumping ship with subsequent non-major releases?
Google has to walk a thin line over the next couple of months. Without any control, Android will further fragment, but too much control will alienate partners used to being pampered.
What Can Happen With a Smartphone Virus / Malware / Trojan
First of all, the proper term is "malware" which describes all sorts of malicious software, not just a virus, or Trojan, or logic bomb. Malware describes everything malicious.
Anyway, malware can do the following (all are actual cases):
Send messages to "premium service" SMS numbers that cost extra money, similar to calling 1-900 or 976 numbers
Send your personal information to unknown parties
Turn your phone into a part of a botnet so others can execute commands remotely for nefarious purposes, such as spam, DDOS attack, and more.
Give others ability to monitor your phone calls and text messages
Open you to blackmail, if something embarrassing can be found and sent elsewhere
Trick you into entering financial information, such as account number, birth date, and more
Even stuff on your PC... if you connect your PC to your smartphone
This is a threat you need to take seriously. And here are some examples.
Android Hacked App Turns Your Phone into a Botnet Zombie
Symantec, a world leader in malware detection and computer security, reports that Android malware is on the rise, and they have just detected a hacked version of the popular "Steamy Window" (February 2011) available through Chinese websites that turns your phone into a botnet zombie. Once your phone had been zombified, hackers can remotely control your phone to:
send premium text messages
block text messages,
force your browser to visit certain websites
There are some prevention steps.
Set a Password or Lock Pattern
While passwords and lock patterns can be hacked, it takes time to hack it. Setting a password will give you time to do some other security measures... such as remote wipe.
Use a Password Manager
LastPass or KeePass can be cross platform and give you security without affecting usability too much. Use a different password for every login would give you far better security.
Do NOT Lend Your Phone to Any One
Someone can install malware into your phone, whether intentionally or not, while it is in their possession. Yes, that includes your children.
Load a Security Package that includes Scan, Phone Tracker and/or Remote Wipe
If you lost your phone, you need to be able to locate it, and/or remotely wipe it clean so nothing from you can be stolen. (And those apps cost $$$, no way around it). Remember, if they have the phone in their possession, they can hack it.
The Security Package should also update itself and scan for malware threats upon every install.
Do NOT Click on Mail Attachments or Links (unless you're sure)
This is same as PC... Do NOT trust attachments or links, even if they appear to be from legitimate sources, unless you are sure.
Do NOT Download / Install Apps from Unknown Sources
By default iPhones only get apps from iTunes Store, and Android only get apps from Android Marketplace. You have to explicitly bypass those restrictions, and that opens you to vulnerability. There are a LOT of pirated stuff out there, promising free apps, but how do you know what are really in those apps?
(ANDROID) Even if it came from legit sources, have some common sense!
Just because it's on Android Marketplace does NOT mean it's automatically safe and legit. Google does NOT inspect all apps.
The fake apps were distributed through Android Marketplace, but they come from unknown developers. Look for reviews and direct links to Android Market or Appbrain instead of downloading sound-alike apps.
(ANDROID) Check those app permissions!
When you install an app on Android, it asks you for certain permissions. When an app asks for more permissions than it should (the fake Steamy Windows app asks permission for "sending and receiving SMS") you should abort the install.
Beware of Abnormal Phone Behavior
Does your phone seem far more sluggish than usual?
Did you notice strange charges in your phone bill?
Does your battery not last as long as before?
Does your internet data usage seem much higher than usual?
Make backup of all information so you can restore them if you have to.
One look at a chart showing the number of attacks on mobile devices last year and it is clear, the cyber criminals all have Android in their crosshairs. This year, Kaspersky Lab's mobile malware experts expect the first ever mass worm to be found attacking Android's operating system (OS).
Interest in the Android OS as a malicious code writers fave will continue this year, yielding more mobile viruses and new malware codes for users to dodge.
As early as October 2011, one third of the threats targeting Android were designed to steal personal data from a user's smart phone, either through the user's phone book, call log, text messages or even through GPS coordinates. The main culprits? Chinese cybercriminals. They are the front-runners when it comes to stealing data, says Denis Maslennikov at Kaspersky in Moscow.
Chinese hackers are typically most interested in information about the device itself rather than the owner's personal and confidential information. Russia is the second nest of Android loving cybercriminals, and they are more interested in cold hard cash.
Russian malware writers have begun to create new SMS Trojans for Android, whereas a users phone is sending repeated texts to 1-900 phone numbers, nickle and diming millions of users around the world who barely notice their phone account has been compromised. New affiliate programs are emerging and making it possible to automatically generate a variety of SMS Trojans and offer a selection of tools and options for spreading them through a smart phone or tablet, such as through fake storefront applications in the Googleapplications store, or through QR codes, among others, Maslennikov wrote in a long post about Android malware discoveries in 2011.
Mobile Malware Evolution, Part V-Kaspersky Lab
What's waiting for us in 2012? In brief, we expect to see the following:
Interest in Android OS will continue to rise among mobile virus writers, whose efforts will be focused primarily on creating malicious programs that target this specific platform.
A rise in the number of attacks using vulnerabilities. Today, exploits are used only to obtain root access on a smartphone, but in 2012 we can expect the first attacks where exploits are used to infect the mobile operating system.
An increase in the number of incidents involving malicious programs found in official app stores, primarily Android Market.
The first mass worms for Android.
The spread of mobile espionage." - Denis Maslennikov, Senior Malware Analyst, Kaspersky Lab
New threats are underway, including ways to actively control a smart phone from a remote location.
Threats designed to control a device became common in 2011. Today, such backdoor malware codes are edging ahead of Trojan spyware in terms of sheer numbers. Chinese virus writers have been engaged in the non-stop production of backdoors. A backdoor in a computer system is a method of bypassing normal authentication by enabling remote access to a device and obtaining access to it while remaining undetected by security software. The backdoor could take the form of an installed program or subvert the system through what is known as a root kit, malicious software hard to detect.
Most of these Android backdoors contain exploits designed to gain super-user privileges or obtain maximum privileges on the system.
"It is the root exploits for Android that started the mass use exploitation of vulnerabilities in mobile operating systems, and they are the go-to choice for Chinese virus writers," Maslennikov says. "Many users do not yet realize that they are being victims of cyber crime."
So far this year, 34% of all malicious Android programs were Trojan spyware programs, with backdoor programs accounting for 31% and SMS Trojans another 27%, according to Kaspersky Lab.