Mobile Malware is typically targeted more toward handheld devices for which an SDK is available than those without one.SDK are more prevalent for smart phones and PDA .
How Malware Enter Into Mobile some common are :
Communication network can be used to deliver viruses and other forms of malware to handheld devices.
Malware May also received during synchronization with desktop computers and via tainted storage Media.
Internet Downloads A user may download an infected file via an internet connection. (GAME,APPLICATION(freeware,shareware) ) , If they contain vulnerabilities that can be exploited by malware.
Messaging services malware attachments can be appended to electronic mail and sms messages delivered to a devices.
Bluetooth Communication can be delivered (malware) by engaging the available connectivity services supported by a device left in discoverable mode.
with all of these Delivery methods , the user usually has to give consent for the malware to install and execute.Malware writers use social engineering techniques to get users to carry out the necessary actions.
Malware may potentially eavesdrop on user input or otherwise steal sensitive information, destroy stored information. or disable a device.
Malware may also accumulate wireless communications fees against a subscriber. (sending sms,initiating calls to chargeable toll numbers)
High Level categories of Malware
- Spoofing Malware is able to provide phony information to the user to trigger a decision or action that impacts the security of the device.
- Data interception or access malware residing on the device is able to intercept or access data
- Data Theft Resident malware is able to collect and send data out of the devices
- Backdoor Malware reside on the device is able to offer functionality that allows an attacker to gain access at will.
- Service abuse resident malware is able to perform actions that cause higher than expected services provider costs for the user
- Availability malware is able to perform impact the availability of integrity of either the device or the data held upon it.
- Network Access Malware resident on the devices is able to use the device for one or more unauthorized network activities, including port scanning or using the device as a proxy for network communications.
- Workable resident malware is able to use available technology to propagate itself in semiautonomous fashion.
No comments:
Post a Comment