NQ Mobile Blog
Category Archives: 2011 Mobile Security Report
To call the world of mobile crime a “new frontier” is not too far off. While advances in mobile technology have provided great convenience and huge advantages for the consumer, they’ve also contributed to a budding brand of misconduct that places users of mobile devices in a certain degree of jeopardy –especially when it comes to dealing with mobile paying. Malware, identity theft and concerns about privacy explain why only twelve percent of American’s have tried to make mobile payments.
This week in Bloomberg Businessweek, writer, Olga Kharif, discusses some of the pitfalls of conducting financial transactions on a mobile phone. It seems that any reasonably proficient hacker can find a way to breach the safety controls that are built into today’s devices, and there’s a real vagueness about who should take responsibility. A mobile transaction involves a carrier, a payment service and a consumer and, naturally, the consumer is 
the most likely to take the brunt of an insecure system.
Kharif points out that, as NQ Mobile emphasized in our recent threat report, “malware attacks on U.S. smartphones have risen 18 percent since 2011 and now add up to 15.3 percent of the world total.”
Banks, scientists and providers are scrambling to increase the level of safety within their systems. In the meantime, powerful mobile security apps are readily available for protecting your mobile privacy.
As in any new frontier, there are constantly rapid new developments taking place in the mobile industry. Our suggestion? Get involved, get savvy and protect yourself and your family.
Download the entire 2011 NQ Mobile Security Report
When you’re busy searching for an online site on your smartphone, it’s good to be 
aware that not all websites are legitimate. Fraudulent websites are designed as “phishing” tools. The creators of fake websites are hoping you’ll use your password to log in, and unwittingly give them information that will lead to your credit card and bank accounts. Bogus websites are often such exact replicas of legitimate sites, an inexperienced user might have trouble recognizing the difference. It’s important to learn how to spot the red flags, especially when you’re out and about and working from your phone. Here are a few tips to help you avoid fraudulent websites:
1. The URL (Uniform Resource Locator), the unique address of each site on the Internet, is displayed in the location box at the top the page. Get in the habit of checking this field to be sure you’ve been taken to where you intended to go. If the web address looks odd in any way, leave the site and try again by simply typing in the correct URL. Sometimes when clicking on an ad will take you to a site that isn’t what it appears to be.
2. If you arrive at a website that only contains numbers, such as an “IP” number, you can pretty much count on it being a faked website. Many inexperienced malware authors simply use an IP number rather than bothering to come up with a fake name. They’re hoping you won’t notice. If the URL box at the top shows as 224.55224.02, or something similar, it’s not a safe spot to be. Leave the site immediately.
3. Many faked websites simply use the same URL wording but attach a different “TLD”. A TLD means Top Level Domain, but we might refer to it as an extension. A TLD is the .org or .com. or .gov that follows the domain name. One way that you might be drawn to an illegitimate site is to not notice that another domain name follows the one you’re looking for. An example might be:
http://www.yourtownbank.see us.com
What you should know is that the true domain name for this site is not “yourtownbank,” but is actually “see us.com.” Always glance at the TLD, just to be sure.
4. Note whether the name of the domain you’re seeking is correctly spelled. Scammers sometimes use the legitimate domain name with one letter off. You might see something like: http://www.yourtounbank.com
It can be a slight or subtle difference, but remember that the Internet doesn’t allow for misspellings. If a misspelled domain name takes you somewhere, it’s probably an illegitimate site.
5. Finally, always look for “https” on your domain name before making a purchase. You should never buy something online from a site that isn’t secured. Most often, the “https” will follow the symbol of a locked padlock. If the site is not secure, leave it and try your transaction again, checking the accuracy and security of the legitimate website.
Remember, criminals work don’t expect to snag everyone with these scams, but it only takes a few to keep them in business. Practicing good online habits can help you and your family avoid being victimized by phishing thieves. Read more about mobile malware in our 2011 Security Report.
Download the entire 2011 NQ Mobile Security Report
In our 2011 Security Study, NQ Mobile’s team of technicians describe an ongoing 
phenomenon in the world of mobile malware. “Root exploits” consist of malicious code designed to bypass your smartphone’s built-in security system, and gain privileges that allow it to do its its intended dirty work.
Root exploits’ dirty work most commonly involves surreptitious dialing of premium numbers at great cost to the owner of the phone. Like the majority of malware, the intention behind root exploit code is to steal as much money as quickly as possible before the pestilence is discovered and eradicated.
As with every other strain of malware, we can probably expect the number of root exploits to grow, especially given the accessibility of “rootkit” applications that can be easily purchased online. In fact, our researchers found that one third of the malware dataset they studied contained a root exploit. Even worse, most malware contains two or more root exploits, just to make sure it reaches its intended goal of commandeering your phone.
Root exploit code can be transported to your phone, buried within a legitimate app, sometimes enclosed in a Trojan-horse type capsule of code. It’s possible to download this kind of infected app without any sign of trouble. Your Android system is complex, and contains over 90 open-source libraries. What this means is that the system is open for outside application development – a real opportunity for malware authors.
Earlier examples of rootkit exploits proved to be simple installations of packaged malware, purchased right off the Internet. However, recent upgrades within root exploits are disturbing. A more sophisticated brand of root exploit malware is programmed to be activated by some trigger, which could either be a phone call made by you, or some other activity on the phone. The newer form, instead of embedding itself in the app, is encrypted and stored in the app as a resource or asset file, making it unrecognizable. It may have a misleading suffix assigned to it, such as .png, that makes it appear as a harmless graphic or other normal element of the app. It downloads quietly, and the infected file sits in your system, stealthy, and waiting for a trigger that will bring it to life.
The implications of root exploits are disturbing, to say the least, especially if we consider the exponential rate at which malware is growing in the mobile arena. It’s important to download a strong and comprehensive security package to stop root exploit activity before it begins.
As always, the folks at NQ Mobile hope that educating ourselves about malware will be an ongoing and meaningful process for mobile device owners and their families. Hopefully, you’ll never see an instance of this kind of malware turn up in your smartphone, but it’s better to be prepared and protected, just in case.
Download the entire 2011 NQ Mobile Security Report
Based on their security study findings from 2011, our researchers were able to deduce
certain probabilities regarding the future of mobile malware. With approximately 700,000 Android activations taking place each day, it’s safe to say that the growth of Android malware won’t be slowing down any time soon. There are three “hotbeds” for mobile malware that we expect to be dealing with in 2012:
Piggybacking
In this type of malware, legitimate mobile applications are being dismantled, embedded with malware, re-assembled and repackaged to look like the originals, launching their payload when the app is activated.
SMS Fraud
Cyber thieves use the phone’s SMS system to send surreptitious text messages to premium call numbers, with charges applied to the phone’s owner. This kind of fraud also gathers contact information for use in phishing and identity theft scams.
Botnets
Only now starting to surface in the mobile world, botnets override security safeguards to allow hackers to take total control of the device. Botnets can also spread by sending copies of themselves to other devices via text and email.
Although these specific forms of malware have been seen in the past, the likelihood of their growth this is obvious. There are thousands of software engineers graduating from college every year, and a global unemployment rate that breaks all records. People will do what they need to do to survive, and this will certainly continue to be the case for malware authors. In fact, we have not yet seen all the new and sophisticated versions of the three examples of “hotbed” malware, but we can safely predict that they will fall into three general categories.
Financial Penetration
Smartphones have created a simple, convenient way to conduct our monetary transactions, including banking and bill paying, as well as shopping online. Because the primary intent of malware is financial gain, our researchers expect that malware such as SMS scams, mobile botnets and personal data collection will increase in popularity. Some forms of malware that matured in 2011 will are likely to evolve even more fully in 2012.
Rootkit Control
Our researchers expect mobile rootkits to emerge in a major way in 2012. Installing a rootkit requires either physical access to a phone, or tricking users into installing the malware themselves. Successful installation of a rootkit allows thieves to remotely control the phone and steal private data, undetected.
Malvertising
Since we are familiar with clicking on ads to download all kinds of applications, “malvertising” is probably going to surface more often than it has in the past. A malware author can simply purchase a mobile ad which, when clicked, launches malware into the device and routes the user to a malicious website. 
This could be a rather dismal peek into the future, but there is a definitive silver lining. One positive is the fact that we know even more about malware than we did last year, thanks to research by experts like our security team. Consider our team’s few simple tips for protecting our mobile devices:
- Be cautious when downloading new apps or clicking on URLs, and use only trusted purveyors for your app purchases.
- Make protection of your device a priority in your life, just as you would with a PC
- Regularly download the latest updates and security patches available for your device.
- Disable geo-tagging features if you’re not using them.
- Don’t make major purchases or conduct financial transactions at public Wi-Fi hotspots.
We can rest assured that companies like NQ Mobile are working day and night to identify and prepare solutions for new and innovative forms of malware. What’s more, the results of that research are available to us at any time. Downloading powerful protection, such as NQ Mobile Security, will apprehend and resolve threats before they are able to reach our phones.
Read our press release about the NQ Mobile 2011 Security Report.
Download the entire 2011 NQ Mobile Security Report
NQ Mobile’s 2011 Security Report delves into some fascinating facts about the nature 
of malware, as well as last year’s colossal growth spurt in the mobile realm. Mobile threats that showed the strongest capabilities were those that escalate privileges in a system, incur financial charges for the owner, take control of infected devices and steal private data from a device. Many forms of mobile malware are simply modified versions of the same malicious rubbish that once plagued the world of PCs, but malware inventors, just like smartphones, are becoming smarter all the time.
Our security experts explain that malware evolves within specific families. Examples of some of the larger families are the PJapps, with several hundred configurations, and DroidKungFu, with more than 1,000 varied threats, all designed to bypass anti-virus software. Other large families have divided off into separate families, each borrowing infection methods from the other.
NQ’s research found that approximately 80% of Android malware comes in the form of repackaged apps. This method, sometimes referred to as “piggybacking,” involves the use of legitimate apps, mostly games, utilities or pornographic products. Malware authors disassemble the app, add a malicious payload, and repackage it with a seemingly benign name, such as com.google.ssearch, used by DroidKungFu. The malicious code is often encapsulated within the legitimate code, making it harder to detect. When the 
malware is cloaked this way, the user is encouraged to activate an “update,” which will release the malware into the system. The stealth built into this kind of system is becoming more sophisticated, as malware creators study new ways to avoid detection by security software.
Other sly forms of mobile malware, such as Spitmo, ZitMo and GGTracker, got their start with PC malware, like Zeus and SpyEye. These vile infections invite users to download apps or click on ads, and then redirect them to a site that remotely collects their private information. Another method automatically triggers the device to begin making calls in the background to premium numbers, at a substantial cost to the phone owner. The designers of this type of malware work very hard to replicate the logos and interfaces of legitimate sites in order to gain password and account information, as well as to send text messages to contacts stored on the device.
Malware functionality becomes more complex as our researchers analyzed botnets, which take over and control an infected device, and SMS fraud, which dials and sends costly SMS messages without being detected. Then, there are rootkits, designed to take command of the very heart of a mobile system. NQ found that rootkits are now being encrypted before they’re deployed, making them even harder to detect. In fact, our researchers note that one third of the malware dataset they analyzed contained some kind of root exploit. Adware, which has raised eyebrows recently with the Counterclank dispute, uses aggressive advertising methods to harvest private data from unsuspecting smartphone users.
This is a lot of alarming info when it’s all gathered together. The good news is that we know a lot about malware, and thousands of instances are being detected and blocked each day. Educating ourselves about mobile threats may be the best first best step toward eradicating them. The next step is pro-actively protecting our private data. NQ Mobile boasts more than 120 million users that are part of our cloud-based intelligence network, resulting in the largest and most sophisticated mobile threat detection and monitoring database in the world. The download is free. The security is invaluable.
Read all about NQ Mobile’s 2011 Security Report in this week’s press release.
Download the entire 2011 NQ Mobile Security Report
NQ Mobile’s 2011 Security Report leaves us with a lot to consider. The presence of the
smartphone’s nemesis, malware, has increased on the mobile stage, with no sign of slowing down. In fact, it’s just the opposite. But, what are the chances of your individual, personal mobile device becoming exposed to malware?
Our report reveals that the odds of our being exposed to mobile malware increased quite dramatically in a mere six months, between June and December of 2011. In fact, during that time the chances of encountering Android malware in the alternative app market rose two orders of magnitude higher during that short period of time. Perhaps even more concerning is a sharp rise in the likelihood of clicking on a malicious URL while surfing the web, a likelihood that nearly doubled last year. With infected code lurking in new mobile apps as well as the Internet, is anyone exempt from encountering malware? Many smartphone users have been spared from that calamity thus far, but the odds are definitely shifting around the globe.
Statistics show more than 10.8 million infected Android devices around the world in 2011. Countries with the highest rate of malware have proved to be China, India and the U.S., respectively, with Russia and the UK close behind.
Our security team showed a clear correlation between a platform’s popularity and the development of malware for it. Android sales soared in 2011, and malware development and deployment appears to be keeping pace. Should the possibility of malware prevent consumers from buying Android devices? Are we doomed to having infected smartphones? Absolutely not. The point is simply that, the more popular the device, the more vulnerable it becomes. So, what are the options?
Some positive solutions may offer comfort to those of us who love our smartphones. The first key solution is to become well educated about developing safe habits, such as knowing how to trust a URL, deleting unsolicited messages and reading permission screens. Another pro-active solution is to download a trusted, robust security package that will catch and identify malware before it has the chance to infect your phone. NQ Mobile’s security software was built specifically, from the ground up, for mobile and is not simply a revised PC solution, like many others on the market. We manage the largest security network of more than a billion links and a million applications, giving us the ability to resolve and identify 75% of global threats worldwide before our competitors.
Granted, our 2011 Security Report is full of grim statistics, but the great news is that we can inoculate our mobile devices from the threats that loom in the cyber world, and go about our business with a greater sense of safety.
Stay tuned for tomorrow’s blog, when we’ll take a look at the fascinating varieties of malware, how they work, and what they accomplish. Don’t forget to check out the press release on our 2011 security report.
Download the entire 2011 NQ Mobile Security Report
Here at NQ Mobile, our security team is responsible for monitoring, analyzing and 
vaporizing malware before it becomes a threat to our 120 million customers. That’s quite a feat, but our 250 experts are certainly up to the task. Recognized internationally for innovation and quality, NQ Mobile has released a comprehensive report of our 2011 security findings today. In our next few blog posts, we’ll take a more in-depth look at some of the specific results aspects of the report, and explore what some of the findings might indicate for the future of mobile.
Almost every company connected with the mobile industry has taken note of the unusually sharp increase in the number of malware discoveries in 2011. It may be helpful to look back a couple years. NQ Mobile saw 1,649 malware threats in 2009. In 2010, we reported a startling 6,760 threats. But, in 2011, who would’ve dreamed that the number would streak upward to 24,794!
This exponential increase in the number of threats offers rather clear evidence that the malware industry’s becoming progressively more lucrative for those who work on that side of the law. But what’s at the bottom of this newest surge of criminal behavior?
Consider the incredible market blitz of Google’s Android phones in 2011. Never in history have so many people purchased so many mobile devices, and Android certainly had its biggest year ever in 2011. Our report states that in one year, the number of Android malware threats went from fewer than 500 samples to more than 9,900 – an increase of 1,880 percent. In fact, the six months between June and December of 2010 saw an unprecedented jump in malware threats. Infections in Android devices were seen in China, India, the US, Russia and the UK, with China in the lead.
Smartphones are becoming so smart, they’re replacing PCs for the usual communication and business activities that most of us conduct every day. Consumers are finding mobile phones easier and more convenient for banking, bill paying and purchasing. Every new version of smartphone that’s released onto the market has accelerated features and capabilities. Unfortunately, as smart phones become smarter, cyber crime developments are keeping pace. Mobile threats in 2011 showed increased capabilities in terms of escalating privileges, incurring financial charges, controlling infected devices with malware like botnets, and stealing private data.
The Android platform was an obvious favorite for malware developers in 2011. Accordingly, NQ reports that for the first time in history, the monthly number of new Android malware threats exceeded new Symbian threats, a development charted in October of 2011. What made Android such a target for malicious activity last year?
The sheer number of Android devices in use would naturally elevate the malware statistics. However, the fact that Google developed Android as an open platform created an unrestricted playing field for app developers, both legitimate and crooked.
Read today’s press release, and tune in tomorrow for another discussion about NQ Mobile’s 2011 Security Report. You can also check out our infographic in the blog post below.
Download the full 2011 NQ Mobile Security Report
A new report from NQ Mobile shows that from 2010 to 2011, Android officially overtook Symbian as the most targeted mobile platform in the world by cyber criminals. Also, in 2011, newer and more advanced forms of malware have successfully infected an estimated 10.8 million Android devices worldwide. This is expected to increase throughout 2012. What does this mean for smartphone users? It’s more important than ever to protect yourself from smartphone privacy and security threats. We created this infographic–along with the full study– to help users understand the risks and how to prevent them:
