Cell Phone Malware

By Doug Logan

“But my cell phone can’t get a virus, right?” Wrong. The rise in smart-phone popularity and the “app” market have provided new avenues for unsavory people to try to attack your personal information.

“Cell phone Malware” comes in three main varieties: worms, trojans, and spyware, all of which can lead to system collapse, loss of information, and information leakage. Worms are typically transmitted via text or SMS messaging. Their primary goal is to endlessly reproduce, and worms do not require user interaction to execute. Trojans do require user interaction and can be much more dangerous because they typically transport information to a third party server. Trojans get their name because this type of malware is typically “hidden” in an application that is attractive to the user. Spyware, a broader category of malware, refers to any kind of malware that tracks and distributes a user’s information to third parties. All three of these viruses can be frustrating and potentially costly to the user.

One common source of cell phone malware is internet advertisements known as malvertisements. While impossible to keep completely secure on the internet, McAfee recommends users “[p]erform web searches on trusted search engines such as Google, Yahoo or Bing to ensure higher safety measures in your search results.” Further, McAfee suggests to “[d]ouble check the URL of any page you are visiting, especially when led there by an untrusted ad,” and to “[b]e wary of clicking on any ad that promises free product or prizes for almost no effort on your part.”

Google and Apple do a good job of locating apps in the app stores that contain harmful malware. However, for those users trying to find avenues around legitimate app purchases, the risk of contracting malware can be particularly acute. One simple solution is to pay for the applications that require you to do so. However, even in legitimate attempts to pick free versions of pay to purchase apps, a user could be victimized by malware.

Most of the concern surrounding malware in the United States focuses on criminal activity, such as identity theft. The Department of Justice is well aware of the threats posed by malware and specifically regarding cell phones, however, some of the difficulty appears to be the shear number of phones and wealth of malware. Other countries, such as New Zealand allow for the criminal prosecution of cell phone malware, particularly for intercepting a private communications. For example, if a criminal accesses an email or voicemail with sensitive information, they could be prosecuted under Part 9A of the Crimes Act 1961. However, individuals have to worry about more than just criminals. For example, the New York Times recently reported that the Chinese Government was possibly using different forms of malware to track protesters in Hong Kong.

It is important to remember that as cell phones and tablets become more and more like traditional desktop computers, many of the problems that are typically associated with desktop computers will affect mobile devices as well. In the never-ending battle between convenience and susceptibility users must keep in mind that there are those willing to use whatever means necessary to gain access to sensitive information.