Mobile Threats at the Tipping Point - Jan Volzke, Director, Product Management, McAfee, Inc., June 2011

Upload: mcafee-inc

Post on 15-Dec-2014


TRANSCRIPT

Page 1: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Mobile Threats at the Tipping Point

Jan Volzke, Director, Product Management, McAfee, Inc.

June 2011

Page 2: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Mobile Malware Trend and Outlook - A New Generation of Malware Writers

Mobile Threat Research McAfee, Inc., June 2011

Page 3: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Malware Authors - Focus is Shifting to Android

New mobile malware by platform, Q2 2010 - May 2011

• 450+ new variants

Mobile Threat Research McAfee, Inc., June 2011


Page 4: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Why Mobile Threats are Expected to Rise - Key Accelerating Trends

• User Aggregation (2015 OS shipments, IDC, June ’11)

• Protection Gap

• Reliance on User Alternative Access

• Sensitivity of Data

• Mobile Money

Page 5: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Mobile Malware Life Cycle - Show Me the Money

R&D

Reuse

Profit Taking

Mobile malware monetization methods: sell stolen information, premium SMS/calls, click fraud, traffic generation, cash out account balances, malware for sale, subscription scams, mobile banking attacks, ransomware extortion, resell pirated apps

Page 6: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Recent Malware Examples - DrdDream, Zeus Mobile, 09Droid

DrdDream

• 1st major Trojan embedded in app

• 50+ apps removed from Android Market

• Steals information and waits for instructions from C&C server

Zeus

• Targeting banks using mTAN authentication

• Used against major Spanish institution

• Signed app for BB, WM, Symbian S60

09Droid

• Not malware but fake banking apps sold at $1.49

• Linking to bank’s own web site

• Apps targeted 35 banks of all sizes


Page 7: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Phishing is a Cross Device Threat - Mobile Phishing Sites

Opening the page on a PC browser unveils a dubious URL

• Spoofed banking sites are riskier on mobile browsers than on PC browsers

• Lack of SSL indicators

• Auto hiding URL bar

• Scotiabank’s mobile banking attack:

• Requested the user's card number and 3-digit security code

• The attacker gains access to the victim’s bank account

McAfee Global Threat Report Q1’2011


Page 8: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Industry Recommendations for Next 12 Months - Prepare for the Unexpected

Enterprises:

• Data Loss Prevention via email and apps

Developers:

• Code protection

• Security certification

Individuals:

• Common sense

• Protect yourself

AppStores:

• Security testing

• Field revocation

Carriers:

• Protect billing infra

• Use cloud & network

Manufacturers:

• Shorten update cycles

• Embedded security

Page 9: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

Questions?


Comprehensive Protection Against Viruses, Data Loss and Web Threats

http://McAfeeMobileSecurity.com

Contact:

Jan Volzke, McAfee, Inc.

Page 10: Mobile Threats at the Tipping Point, Jan Volzke, McAfee

References and Acknowledgements

• Android/DrdDream: http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=399522

• Symbian/Zeus/Zitmo: http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=290717

• Android/09Droid: https://www.bayportcu.org/site/mobilesecurityupdates.html

• mPhishing site: http://www.malwarecity.com/blog/mobile-phishing-do-you-know-where-that-link-leads-to-1021.html

• OSX/RRoll.C: http://vil.nai.com/vil/content/v_244695.htm

• OSX/iPHDownloader.A: http://vil.nai.com/vil/content/v_244696.htm

• General banking risks: http://blogs.mcafee.com/mcafee-labs/mobile-reunion-hackers-and-banks and http://blogs.mcafee.com/mcafee-labs/get-out-of-jail-not-so-free

• General Android risks: http://blogs.mcafee.com/enterprise/mobile/mcafee-for-android-a-mobile-security-update

Acknowledgements: Jimmy Shah (McAfee), Jon Oberheide (Duo Security), Dan Cornell (Denim Group), Alin Damian (Bitdefender), Roland Schmitz (Stuttgart Media University), Fabio Pietrosanti (PrivateWave), Rich Cannings (Google), Chris Clark, Alex Stamos (iSec)