About Thawte

• Contact Us
• Worldwide Sites
• Why Thawte

In the age where smartphones and other mobile devices are used for everything from personal entertainment to business pursuits, it is becoming more important to ensure the security of hand-held hardware. In addition to the devices' increasing use cases, individuals are also storing a rising amount of sensitive information, not only associated with the owner themselves, but their employer as well. For this reason, it is vital that users remain vigilant in the fight against mobile malware by being aware of current top threats and leveraging best practices to prevent infection.

Current threats: Malware targets Facebook, digital currency
According to PCWorld contributor Lucian Constantin, one of the newest mobile malware samples in the wild currently is Qadars, a variation of a computer-based banking Trojan. The strain is a type of man-in-the-browser attack known as a webinject, an approach often leveraged by hackers to steal authentication information from Web users.

In this case, however, hackers are utilizing the infiltration style to target Facebook users and potentially sidestep two-factor authentication on the platform. In the Qadars sample, users' Facebook pages are injected with rogue JavaScript code when the social network is accessed via an already infected system.

"The injected code generates a message instruction users to download and install Android malware that can steal authentication codes sent to their phones via SMS," Constantin wrote.

Another current threat is that of the Coinkrypt malware, which according to PCWorld contributor Jeremy Kirk, is a targeted attack aiming to steal users' digital currency. Instead of going after the traditional sensitive information, the sample connects infected devices to peer-to-peer networks used for digital currency mining. However, this malware does more than just include the smartphone in a mining network without the owner's permission.

"Mining can be incredibly resource-intensive and, if allowed to run without any limits, could potentially damage hardware by causing it to overheat and even burn out," said security researcher Marc Rogers. "Users affected by this malware will find their phones getting warm and their battery-life massively shortened."

Mobile malware prevention tips
There are strategies individuals can utilize to prevent these and other mobile malware samples from infection their mobile devices. One such practice is to avoid illegitimate application stores and to do some research about the programs they download on their devices, TechRepublic contributor Ben Connor suggested.

In addition, users should also turn off their Bluetooth and Wi-Fi capabilities when they are not in use. These features can present an opportunity for hackers to access the device. Furthermore, public Wi-Fi networks are usually prone to more malicious activities, and should also be avoided when possible.

Connor also advised utilizing strong authentication credentials and leveraging encryption to protect any information stored on the device that may present a target for cybercriminals.

"Encrypting data is especially important if you store sensitive company information on the device," Connor wrote. "Without any encryption, you are potentially opening up full access to your data."

Protect data in transit with an SSL certificate today.

corporate office

Thawte
The Gateway
Century Lane
Century City, 7441
Cape Town
South Africa

Postal Address:
P O Box 15986
Panorama 7500
Cape Town
South Africa

Call: +353 1 793 9141
Fax: +27 21 819 2950