Scams target smartphones and utility company customers


By Robert E. Holtfreter, Ph.D., CFE, CICA
robert-holtfreter-80x80.jpg

Taking Back the ID: Identity theft prevention analysis

On Jan. 7, SC Magazine reported that IntelCrawler, a cybercrime research company in Los Angeles, detected a new type of malware, "XXXX.apk," which has infected close to 24,000 smartphones. (See  Thousands of smartphones infected with 'spy' malware, by Tim Ring.)

The smartphone brands infected so far, according to IntelCrawler in Ring's article, include the HTC Sensation and Amaze 4G, the Google Nexus, the Samsung GT I9300 and Galaxy Note II SCH-I605. He writes that malware also has been found on the LG Motion 4G (MS770), Huawei U8665 and Alcatel One Touch. No doubt, other brands will be infected over time.

At this point, according to IntelCrawler in the SC Magazine article, cybercriminals are using the XXXX.apk malware for spying on individuals; collecting technical information about each of their smartphones, including its location, "phone model, encryption method, password, use of Wi-Fi networks"; and to act as "zombies" to collect data about surrounding hotspots.

The list of hotspots extracted from the compromised smartphones, according to IntelCrawler in the article, include "restaurants, VIP lounges in the international airports and luxury hotels, to corporate wireless and SOHO [‘small office, home office'] networks, from peaceful citizens to government employees" from locations in China, the U.S., the EU, Israel, India, Singapore and Russia. This definitely indicates that the malware is widespread, which doesn't speak well for its potential for criminal activity.

This malware, according to IntelCrawler in the SC Magazine article, has the technical ability to detect a connection to users' PCs through USB ports. Cybercriminals use this connection to hack into PC users' home wireless networks, infect them with malware and steal personally identifiable information.

A spokesman at IntelCrawler, according to the SC Magazine article, said the malware was probably included in fake mobile apps, which users purchase. Cybercriminals have had a history of constructing fake apps infested with malware and selling them on mobile marketplaces.

Of course, not all mobile apps contain malware, but history tends to indicate that those offered on the Apple iTunes market go through more rigorous stringent security checks than the Android market. Of course, this is the reason malware developers prefer to target the Android operating system.



For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.