On Monday, we released our
Mobile Threat Report for Q1, and in that report we mention there's a growing
number of mobile trojans that "deliver on their
promises". What do we mean by that?
Well,
in the past, mobile malware often offered
something such as "free" mobile web services as
bait, but then, during installation, the trojan
would display some kind of decoy error message.
At
that point the folks installing the trojan would
typically search for answers, either because they
were suspicious or because they were
troubleshooting. That would then lead to actual
answers on forums that what they had in fact
installed was a trojan. These days, when even
non-nerds have smartphones, the bait is quite a
bit different.
No decoy messages. The
"bait" actually works.
Here's a video
of trojan installing a working copy of Rovio's
Angry Birds Space as it compromises the phone.
So, nothing to troubleshoot…
and how many non-nerds do you think will find
getting what they were promised to be suspicious?
It's quite possible that somebody could compromise
their phone and they'll never come to realize
it.
Android malware is definitely
evolving.
Here's a short preview of
something which developed during Q2: drive-by
Android malware.