Mobile Malware
epidemic on the way
A mobile malware epidemic could render phone networks useless within two to three years, if public awareness of the issue and network security experts don’t take control out of the hands of hackers. If you’re intelligent enough to be reading the Sciencetext blog, then it’s unlikely that you’re going to be taken in by an email phishing scam or be running a security-compromised web browser.
Taxonomies of Mobile Malware
Over on Threatpost.com, Dennis Fisher has the skinny on a new iPhone app that is capable of harvesting huge amounts of personal data from stock iPhones, including geolocation data, passwords, address book entries and email account information, all using just the public API. The app, called SpyPhone, is the handiwork of Nicolas Seriot, a Swiss iPhone app developer who found a way to abuse the public iPhone API that Apple made available for application developers.
SpyPhone app harvests personal data from stock iPhones | Zero Da
Zeus crimeware using Amazon's EC2 as command and control server
UPDATED: ScanSafe posted an update stating that " In the past three years, ScanSafe has recorded 80 unique malware incidents involving amazonaws, 45 of which were in 2009, 13 in 2008, and 22 in 2007Trojan.Whitewell: What’s your (bot) Facebook Status Today? | Sym
Sure we have heard a lot about bots and botnets. One key component of a botnet is the command-and-control (C&C) server, which as we know can come in several flavours (IRC, Web pages, newsgroups, custom servers, etc.).
The FortiGuard Global Security Research Team has investigated the case of a new mobile worm resorting to a breakthrough propagation strategy, which leverages SMS messages and Internet access.
