Your smartphone offers new frontier for hackers

LAS VEGAS - Hackers are out to stymie your smartphone.
Last week, security researchers uncovered yet another strain of malicious software aimed at smartphones that run Google's popular Android operating system. The application not only logs details about incoming and outgoing phone calls, it also records those calls.
That came a month after researchers discovered a security hole in Apple Inc.'s iPhones, which prompted the German government to warn Apple about the urgency of the threat.
Security experts say attacks on smartphones are growing fast - and attackers are becoming smarter. "We're in the experimental stage of mobile malware where the bad guys are starting to develop business models," said Kevin Mahaffey at Lookout, a maker of mobile security software.
Wrong-doers have infected PCs with malicious software, or malware, for decades. Now, they are fast moving to smartphones as the devices become a vital part of everyday life.
Some 38 percent of American adults now own an iPhone, BlackBerry or other mobile phone that runs the Android, Windows or WebOS operating systems, according to data from Nielsen. That's up from just 6 percent who owned a smartphone in 2007 when the iPhone was released and catalyzed the industry. The smartphone's usefulness, allowing people to organize their digital lives with one device, is also its allure to criminals.
All at once, smartphones have become wallets, email lockboxes, photo albums and Rolodexes. And because owners

---

Advertisement

---

are directly billed for services bought with smartphones, they open up new angles for financial attacks. The worst programs cause a phone to rack up unwanted service charges, record calls, intercept text messages and even dump emails, photos and other private content directly onto criminals' servers. "Bad guys go where the money is," said Charlie Miller, research consultant with the Accuvant Inc. security firm. "As more and more people use phones and keep data on phones, and PCs aren't as relevant, the bad guys are going to follow that. The bad guys are smart. They know when it makes sense to switch."
Malicious applications often masquerade as legitimate ones, such as games, calculators or pornographic photos and videos. They can appear in advertising links inside other applications. Their moneymaking schemes include new approaches.
One recent malicious app secretly subscribed victims up to a service that sends quizzes via text message. The pay service was charged to the victims' phone bills, which is presumably how the criminals got paid. They may have created the service or been hired by the creator to sign people up. Since malware can intercept text messages, it's likely the victims never saw the messages - just the charges. Mobile users are "always on" and respond to emails faster, in the first few hours before phishing sites are taken down.
AP.