F From Nothing to Massive – N thi t M i Android under Attack Vi Vicente Diaz t Di Senior security analyst
It It ´ s Sept It It s Sept September September ember so ember, so so we so we we we ... ... Sep 22, 2011 The Kaspersky Security Symposium, Munich
Question Question 1 Question Question 1 How many of you have a mobile phone? How many of you have a mobile phone? Sep 22, 2011 The Kaspersky Security Symposium, Munich
Question Question 2 Question Question 2 Do you think you have Do you think you have something valuable g in your mobile phone? Sep 22, 2011 The Kaspersky Security Symposium, Munich
Question Question 2 ( Question Question 2 ( 2 (again 2 (again again) again) …Actually, probably more things than you think Actually probably more things than you think You probably don´t want everybody to see this Sep 22, 2011 The Kaspersky Security Symposium, Munich
Question Question 3 Question Question 3 Are there viruses for smartphones? Are there viruses for smartphones? Sep 22, 2011 The Kaspersky Security Symposium, Munich
User A User A User Awareness User Awareness areness Very Low areness … Ve Very Low ow! ow! How do you estimate the malware infection risk when surfing the web from different devices? T ABLET PC (N= 132) 5.1 pts 5.1 pts S MARTPHONE S MARTPHONE PC / N OTEBOOK PC / N OTEBOOK (N= 1618) (N= 1518) 4.7 4.7 pts pts 6.0 6.0 pts pts N O R I SK OF N O R I SK OF E XTREMELY H I GH E XTREMELY H I GH M ALWARE R I SK OF M ALWARE 1 2 2 3 3 4 4 5 5 6 6 7 7 8 8 9 9 I NFECTI ON I NFECTI ON Source: Smartphone Users Study for Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich
My My My Mobile W My Mobile W Mobile Was Mobile Was s Com s Com ompr ompr promised promised omised So omised, So So What So What hat? hat? Sep 22, 2011 The Kaspersky Security Symposium, Munich
Mobile Malw Mobile Malware Mobile Malw Mobile Malware are Hist are Hist istory istory 2006 ‐ 2008 2008 ‐ Now 2004 ‐ 2006 2000 ‐ 2004 Evolution Evolution Monetization Monetization Th b The beginning i i Proof of (Symbian) (J2ME) (All platforms) concepts Sep 22, 2011 The Kaspersky Security Symposium, Munich
Mobile Malw Mobile Malware Mobile Malw Mobile Malware are Evolution are Evolution lution lution 65% growth of threats in 2010 over 2009 Number of Modifications 2000 1800 1600 1400 1200 1000 800 600 400 200 0 jun.04 apr.05 jun.05 aug.05 oct.05 dec.05 feb.06 apr.06 jun.06 aug.06 oct.06 dec.06 feb.07 apr.07 jun.07 aug.07 oct.07 dec.07 feb.08 apr.08 jun.08 aug.08 oct.08 dec.08 feb.09 apr.09 jun.09 aug.09 oct.09 dec.09 feb.10 apr.10 jun.10 aug.10 oct.10 dec.10 feb.11 apr.11 Source: Kaspersky Lab Source: Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich
Malw Malw Malware f Malware f are for Smar are for Smar r Smartphones r Smartphones tphones 20 tphones, 20 2011 2011 1% 1% 6% 23% Android Symbian Windows Mobile iOS Blackberry 69% Source: Kaspersky Lab Sep 22, 2011 The Kaspersky Security Symposium, Munich
Exam Example 1: Example 1: Exam ple 1: SMS F ple 1: SMS F SMS Fraud SMS Fraud aud aud Trojan dials international premium- rate numbers every month t b th Sep 22, 2011 The Kaspersky Security Symposium, Munich
Exam Example 2: Exam Example 2: ple 2: Rick ple 2: Rick Rick in Y Rick in Y in Your iPhone in Your iPhone ur iPhone ur iPhone • Jailbroken Iphones first worm • Nice, we all LOVE Rick Astley, don´t we? • However … Mobile World Congress Sep 22, 2011 The Kaspersky Security Symposium, Munich ‘Mobile Malware Threatscape in 2011’
Exam Example 3: Exam Example 3: ple 3: Andr ple 3: Andr Android Mar Android Mar oid Market 20 oid Market 20 2011 2011 Sep 22, 2011 The Kaspersky Security Symposium, Munich
Main R Main Reason? Main R Main Reason? ason? ason? Sep 22, 2011 The Kaspersky Security Symposium, Munich
But W But Wait But W But Wait it There’s it, There’s There’s More There’s More ore ore Sep 22, 2011 The Kaspersky Security Symposium, Munich
Social Engineering Social Engineering Attacks Social Engineering Social Engineering Attacks ttacks ttacks • Dear Mr. Foo (attacker knows who you are) • I´m calling you from your YourBank local office in Chelsea (attacker knows where you office in Chelsea (attacker knows where you live and your bank). • In order to prevent fraud we need to check • In order to prevent fraud we need to check some details, first I need to ensure you are the holder of the credit card with number the holder of the credit card with number xxx ‐ xxx ‐ xxx ‐ xxx (attacker knows your credit card) card). • Can you please tell me the number that appears on the back of your card? … th b k f d? Sep 22, 2011 The Kaspersky Security Symposium, Munich
Targe Targe rgeted A rgeted A ed Attacks ed Attacks ttacks ttacks Sep 22, 2011 The Kaspersky Security Symposium, Munich
Summar Summary Summar Summary • Malware is targeting the most popular platforms g g p p p • Profit ‐ driven • Authors unpunished p • Social engineering + lack of user awareness • Devices easily accessed/stolen e ces eas y accessed/sto e • How long does it take to jailbreak an iPhone? • More and more valuable data on them • Contacts • Agenda • Geo ‐ location Sep 22, 2011 The Kaspersky Security Symposium, Munich
Recommendations Recommendations commendations commendations • Lock your screen L k • Use security software • Back up your data k d • Use encryption • Beware of what you install • Do not jailbreak/root your device • Do not connect to untrusted Wi ‐ Fi access points • Do not skip updates AND • Do not assume your mobile is safer than your PC Sep 22, 2011 The Kaspersky Security Symposium, Munich
[Vi [Vicente Diaz] t Di ] [vicente.diaz@kaspersky.com] [ 34 681244756] [+34 681244756] [@trompi]
Recommend
More recommend
