AusCERT 2011: Mobile banking malware on the rise

Mobile OSes not as safe as they seem

Lisa Banks (Computerworld)
17 May, 2011 09:50
Comments

Trusteer chief technology officer, Amit Klein

Chief technology officer of Trusteer, Amit Klein, has spoken about the trends of mobile malware, citing mobile banking as the next big threat to the industry.

In the keynote session of the second day at the AusCERT conference on the Gold Coast, Klein said the financial and mobile malware began to increase during 2006, and has only become more prevalent in recent years.

“The financial malware for desktop started flourishing mid last decade around 2004 to 2005; we started seeing some earnest attempts at malware,” he said.

“We started seeing third generation malware as early as 2006 but market domination occurred around 2008.”

Klein identified a number of tricks used by those committing attacks on mobile devices, with botnets cited as one element behind attacks.

Check out our comprehensive AusCERT 2011 coverage

“Distributed command and control systems enable survivability and increases resistance to takeover attempts and ensuring there are many hosts out there to control the botnet,” he said.

“The botnet market has evolved from a one-stop shop into segments.”

Identifying a variety of myths associated with mobile banking malware, Klein said complacency by consumers is a dangerous trend that will only become worse once mobile banking increases in popularity.

“Sandboxing provides a malware free device, mobile apps are controlled, and there’s no money to steal in mobile apps are all myths will be proven wrong,” he said.

Citing Zeus attacks as one method that could be used to intercept Blackberry, Symbian and Windows Phone 7 devices, Klein said these attacks have been used to infiltrate banks in countries as varied as Spain, Poland and Germany, saying mobile devices will be even easier to infiltrate.

“Pay attention to how sophisticated and complex this attack is on behalf of the fraudster - what happens if or when mobile banking takes off? Then they will only have the mobile device to take care of.”

Klein's comments come as a US consultant said at AusCERT yesterday that a second Stuxnet worm will soon arrive.

Follow Lisa Banks on Twitter: @CapricaStar

Follow Computerworld Australia on Twitter: @ComputerworldAU

"1. The HTC has a better low light camera and the lens ..."

Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"as a teacher - you can't win - in a constantly changing ..."

High school students still see ICT as ‘sitting at a computer all day’: survey
"yep - big brother is watching you - now go out and ..."

Does encryption really shield you from government's prying eyes?
"New manager arrives, fires most of the apparently-underskilled staff rather than training ..."

Solving the skills conundrum – part 1
"How many of the Fortune 500 companies have access to PRISM? https://en.wikipedia.org/wiki/Industrial_espionage ..."

Australia suspected to have PRISM data: Ludlam

Tags: Trusteer, Amit Klein, mobile malware, auscert 2011, banking mobile

Latest Blog Posts

Whitepapers

Power of Three: Building Mobile Initiatives Guided by Business Goals, Technology and Governance
The use of powerful mobile devices has become so widespread industry leaders in almost every sector have embraced mobility solutions as central elements of their IT and business operations. As mobile budgets grow, so does the influence of business units on mobility strategy. Read on.

Learn more »
Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks
Enterprises and government agencies are under virtually constant attack today. It is clear that the cybercriminals, nation-states, and hacker activists waging these attacks are growing increasingly sophisticated and more effective in their efforts to steal and sabotage. Why are today’s security defenses failing? In this battle, your security teams are using outdated arsenal - download now to learn more.

Learn more »
Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery
The transformation of computing through mobility, consumerisation, bring-your-own device (BYOD) and flex-work offers powerful benefits for today’s organisations - but it poses significant challenges for IT. The first response of many IT organisations to the influx of consumer-grade and employee-owned mobile devices has been to lock down and control every mobile device in the enterprise through mobile device management (MDM) solutions. Find out why Citrix enterprise mobility management is the best approach.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Top 10 Reasons You Don’t Need MDM

Even though companies such as Fiberlink make it easy to centralise the management and security of mobile devices of all shapes and sizes, that is no excuse for capitulating to ...

Recent comments

"1. The HTC has a better low light camera and the lens ..."
Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
"as a teacher - you can't win - in a constantly changing ..."
High school students still see ICT as ‘sitting at a computer all day’: survey
"yep - big brother is watching you - now go out and ..."
Does encryption really shield you from government's prying eyes?
"New manager arrives, fires most of the apparently-underskilled staff rather than training ..."
Solving the skills conundrum – part 1
"How many of the Fortune 500 companies have access to PRISM? https://en.wikipedia.org/wiki/Industrial_espionage ..."
Australia suspected to have PRISM data: Ludlam

Follow CIO

Market Place

Now out of the office never means out of the loop. Office 365 – your complete office in the cloud.

Deploying mobility worthwhile challenge hear what CIOs have to say.. Read more

SolveXia’s key tips for CIOs seeking improved productivity through automation. Click here

Security 2013 Exhibition: 160 brands, new innovations, expert speakers & more, register now.

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

AusCERT 2011: Mobile banking malware on the rise

Recommended

Does encryption really shield you from government's prying ...

Australian National University adds augmented reality to mobile ...

CIO roundtable: Staying in control in the cloud

Debating the digital economy

Why the fuss about big data?

Homeless multinationals and taxing decisions

10 Tips for Dealing with a Bully Boss

5 open source help desk apps to watch

How to define the scope of a project

Australia suspected to have PRISM data: Ludlam

PMBOK vs PRINCE2 vs Agile project management

Australia Post’s mail business to lose $200 million this year

Online shopping reaches mainstream status

Salesforce.com aims for next $1 billion business with ExactTarget buy

Australia suspected to have PRISM data: Ludlam

Why Agile Isn't Working: Bringing Common Sense to Agile Principles

Symantec Business Critical Virtualisation Content Zone

BlackBerry Enterprise Service 10 Zone

HP Tech Connect Resource Centre

Top 10 Reasons You Don’t Need MDM

Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery

Legal Compliance in Electronic Record Keeping

The IT Priorities for 2013

Forrester: The Three Stages of Cloud Economics