NEWS FROM THE LAB - Tuesday, June 9, 2009

Waiting for Mobile Malware Wave Posted by Alia @ 02:41 GMT

For the last couple years there has been talk – like this iGillotResearch report (in pdf) – about how the convergence of mobile phones and the Internet would unleash a new wave of threats targeted to the phone and distributed over the Internet. We've definitely seen a number of attacks on mobile network operators. Yet up until now, most users haven't been hit by Internet-based attacks.

For example, the Apple iPhone last year saw its first Trojan to be distributed via the Internet. Still, that was more "script-kiddie prank program" than "serious crimeware". Heck, it wasn't even the first Internet-based mobile threat – technically, you could argue the 2006 Eliles.A worm has that distinction. Halfway through 2009, there hasn't yet been any major outbreaks of Internet-distributed mobile malware.

So what's this, another bogeyman story about mobile security? Well kinda. Today Apple announced the release of its iPhone 3G S model on June 19. It's supposed to be faster, more feature-loaded and so on.

iphone(source: att.com)

In offering a neat package of enhanced phone, easy surfing with the onboard Safari browser and the appeal of a huge variety of programs from the App store, Apple looks set to spur even more people into into getting online via their mobile phones.

And as seems to be the case with mobile phones these days – where Apple leads, others will follow. Most mobile phone producers have been racing to provide the same level of online browsing user-friendliness in their products. If they get it right, that means even more users picking up mobile surfing.

Which means that malware authors will have even more reason to start targeting the mobile phone. Let's hope's the phone producers and mobile network operators consider that first Trojan a kind of "warning shot" and set up some strong security measures.

For now, it seems like all is quiet on the mobile front.

On an unrelated note, the new iPhone model also formally introduces an Internet Tethering functionality allowing users to connect a computer to the phone and surf the Internet – no Wi-Fi hotspot required. Some users have been asking for the feature for a while now, so – wish granted. Enjoy!