AusCERT 2011: Mobile banking malware on the rise
- 17 May, 2011 09:50
Trusteer chief technology officer, Amit Klein
Chief technology officer of Trusteer, Amit Klein, has spoken about the trends of mobile malware, citing mobile banking as the next big threat to the industry.
In the keynote session of the second day at the AusCERT conference on the Gold Coast, Klein said the financial and mobile malware began to increase during 2006, and has only become more prevalent in recent years.
“The financial malware for desktop started flourishing mid last decade around 2004 to 2005; we started seeing some earnest attempts at malware,” he said.
“We started seeing third generation malware as early as 2006 but market domination occurred around 2008.”
Klein identified a number of tricks used by those committing attacks on mobile devices, with botnets cited as one element behind attacks.
“Distributed command and control systems enable survivability and increases resistance to takeover attempts and ensuring there are many hosts out there to control the botnet,” he said.
“The botnet market has evolved from a one-stop shop into segments.”
Identifying a variety of myths associated with mobile banking malware, Klein said complacency by consumers is a dangerous trend that will only become worse once mobile banking increases in popularity.
“Sandboxing provides a malware free device, mobile apps are controlled, and there’s no money to steal in mobile apps are all myths will be proven wrong,” he said.
Citing Zeus attacks as one method that could be used to intercept Blackberry, Symbian and Windows Phone 7 devices, Klein said these attacks have been used to infiltrate banks in countries as varied as Spain, Poland and Germany, saying mobile devices will be even easier to infiltrate.
“Pay attention to how sophisticated and complex this attack is on behalf of the fraudster - what happens if or when mobile banking takes off? Then they will only have the mobile device to take care of.”
Klein's comments come as a US consultant said at AusCERT yesterday that a second Stuxnet worm will soon arrive.
Follow Lisa Banks on Twitter: @CapricaStar
Follow Computerworld Australia on Twitter: @ComputerworldAU
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- HTC unveils new Butterfly s phone that packs more battery life
- Google Glass apps for enterprises coming by early 2014
- iPad 5 rumour rollup for the week ending June 18
- Say 'cheese', Earthlings! Spacecraft to snap home planet pic from deep space
- Social media adds spice to financial services, say banks
Samsung Galaxy S4 vs. HTC One: 5 Reasons to Choose the GS4
High school students still see ICT as ‘sitting at a computer all day’: survey
Does encryption really shield you from government's prying eyes?
Solving the skills conundrum – part 1
"How many of the Fortune 500 companies have access to PRISM? https://en.wikipedia.org/wiki/Industrial_espionage ..."Australia suspected to have PRISM data: Ludlam
Power of Three: Building Mobile Initiatives Guided by Business Goals, Technology and Governance
The use of powerful mobile devices has become so widespread industry leaders in almost every sector have embraced mobility solutions as central elements of their IT and business operations. As mobile budgets grow, so does the influence of business units on mobility strategy. Read on.
Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks
Enterprises and government agencies are under virtually constant attack today. It is clear that the cybercriminals, nation-states, and hacker activists waging these attacks are growing increasingly sophisticated and more effective in their efforts to steal and sabotage. Why are today’s security defenses failing? In this battle, your security teams are using outdated arsenal - download now to learn more.
Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery
The transformation of computing through mobility, consumerisation, bring-your-own device (BYOD) and flex-work offers powerful benefits for today’s organisations - but it poses significant challenges for IT. The first response of many IT organisations to the influx of consumer-grade and employee-owned mobile devices has been to lock down and control every mobile device in the enterprise through mobile device management (MDM) solutions. Find out why Citrix enterprise mobility management is the best approach.