Getting rich with mobile malware: the how, the where, and the $$$ |
---|
Denis Maslennikov |
Mobile Research Group Manager Kaspersky Lab Moscow, Russia |
It is not a secret that cybercriminals attack mobile users to make money. For instance, at the beginning of June, the Malaysian police arrested 26 people running an SMS scam ring. The total value of the registered losses in this single case was close to 2 million US dollars. New technologies and loopholes in the legislation of certain countries enable cybercriminals to make significant profits by creating and spreading malicious programs for all mobile platforms, from Symbian to Android. At Kaspersky Lab, we've been watching cybercriminals profiting at the expense of all mobile users for more than two years. In our observations, the majority of commercialized attacks are geo-targeted, i.e. they focus on users in a specific part of the world. Such attacks are especially spread in Asia – including but not limited to Indonesia, China and parts of Russia. In this presentation, we will analyse the most notable pieces of commercialized mobile malware: Flocker, Facekob, Sejweek, Lopsoy and others. We will also examine the most profitable methods used by cybercriminals, from theft of private data to dialling premium numbers. Looking at the geographical distribution of mobile malware attacks with focus on Asia we will show the estimated losses. Finally, we will describe the measures that must be taken in order to stop this growing phenomenon and the consequences of failing to understand them. |