Mobile Devices Under Attack From China

Malware is finding its way to the mobile market via hackers from China.

Malicious-code attacks are being aimed at mobile devices, security researchers say. The malware, which comes hidden inside legitimate applications, can compromise information on the device and even target the user for extortion.

One recent attack was a Trojan called WinCE/InfoJack that was aimed at Windows Mobile PocketPCs. Dave Marcus, security research and communications manager of McAfee Avert Labs, told us that WinCE/InfoJack was bundled with legitimate installation files such as Google Maps, games and stock-trading applications, and then distributed across a variety of Web sites. "That's a technique we've seen utilized in the PC malware for quite some time," Marcus said, but is still new in attacks on mobile platforms.

The Trojan sends out information about the device (such as its serial number and operating system) to the owner of a now-offline Web site in China. It's a particularly dangerous attack because it shuts off other forms of security. Devices require authorization to allow programs to be installed, Marcus said. "This malware shut down that functionality, which could then allow the malware to update itself or allow other people to put malware on the phone."

Modular Malware

Another malware attack noted by McAfee researchers is aimed at Symbian Series 60 phones, available from manufacturers including Nokia, Panasonic, and Samsung. Also based in China, the SymbOS/Kiazha attack was designed to extort money from an infected user by disabling the phone until a payment of roughly $7 is made via QQ, a popular instant-messaging network in China that features "coins" that function as an in-network currency.