Cell phone malware

from Wikipedia, the free encyclopedia
[Image: part of the source code of Cabir, the first cell phone worm, which spreads via Bluetooth]

Cell phone malware (also called mobile malware) is a special case of conventional malware that attacks mobile phones or smartphones. It can be a virus, a worm or a Trojan horse. The term does not, however, cover specially crafted SMS messages that exploit a bug on the target system, e.g. to crash it.

History

The first worm for Symbian mobile phones, called Cabir (also Caribe), was added to the virus definition lists of various antivirus programs. It was developed, and its source code published, by a member of the virus-writing group 29A. The worm spreads via Bluetooth and is forwarded from every infected device to other cell phones within range that have Bluetooth activated; it does not matter which operating system the Bluetooth devices found within range run. The program arrives as "caribe.sis" in the phone's inbox and has to be installed manually by the user. Its disguise as a regular application suggests classifying it as a Trojan horse.

Many other malicious programs from that era were mainly aimed at spreading themselves via SMS or Bluetooth, blocking the system or rendering it unable to start. Symbian in particular was a popular target for a number of different types of malware. In addition, a Java ME runtime environment ran on almost every cell phone, which made the viruses particularly portable.

Much of the old malware no longer runs on modern smartphone operating systems. Nevertheless, malware has been written for such systems, especially Android, in recent years.

The focus of the malware has shifted with the platforms. Whereas in the past the aim was often to render the system unable to boot or run, modern viruses are more focused on sending data stored on the phone (e.g. pictures or contacts) to the programmer; this is made possible by the fact that many smartphones are connected to the internet practically all the time and have flat-rate data plans.

Distribution

The first type of cell phone malware was tools that could be used to read out the firmware or remove a SIM lock. Around the turn of the millennium, data cables plugged into the serial port of a PC were mostly used for this. Since such tools were not wanted by the cell phone manufacturers, one had to rely on software from crackers. An unlucky user could "brick" his cell phone. This was partly due to buggy software, but often also to deliberate malicious code. For example, there was a sabotage tool that promised to remove the SIM lock on the Siemens C25 and S25 cell phones. If an unsuspecting owner used this Trojan horse, the phone only displayed the message DESTROYED BY C25 UNLOCKER, and simply installing new firmware was prevented as well. With appropriate instructions from the Internet, the phones can be restored again.

The first "real source of infection" was Bluetooth, followed by MMS.

In 2008 modern smartphones entered the mass market and malware had a new target.

Since smartphones in the vast majority of cases obtain their software from a shop integrated into the system (usually called an app store), most malware is now distributed through such stores. A jailbreak and the unofficial apps it makes possible significantly increase the risk of malware infection.

Malware on cell phone operating systems

Java

Almost every cell phone of the time allowed the execution of Java programs (via a Java ME runtime environment), and users and programs had access to a large part of the file system and hardware, which gave malware wide scope for abuse.

Users could easily install additional software and pass it on via MMS or Bluetooth. Since Java ME also had access to the file system and Bluetooth and could send MMS, programs could spread themselves without the user's knowledge.

Symbian

Symbian was a popular target for virus writers due to its widespread use. The platform not only offered Java ME, but also allowed the execution of native C/C++ code.

Many viruses prevented the system from starting (RommWar, Doomboot), sent personal information via Bluetooth (Pbstealer) or otherwise rendered the system unusable (Skulls, Blankfont.A).

With Symbian S60 Version 3, certificates for programs were introduced: unsigned software can no longer be installed unnoticed; the user has to confirm explicitly that the software should be installed.

Malware on smartphones

A security report in 2016 found the most mobile malware infections on Android devices (74%), followed by Windows/PCs (22%) and iPhone and other platforms (4%). The infection rate was 0.49% in the first half of 2016 and thus significantly higher than in 2015 with 0.25%. Just three malicious programs (Uapush.A, Kasandra.B and SMSTracker) were responsible for 47% of all detected malware infections.

iOS and Windows Phone 7 / Mobile 10

Both Apple's iOS and Microsoft's Windows Phone 7 / Mobile 10 can only install software via the App Store or the Windows Phone Store, respectively. Since all apps are checked before they are published, and all apps run in a sandbox, there are no viruses in the traditional sense for these platforms.

However, there are Trojan horses for these platforms, which e.g. disguise themselves as a game but send data to the programmer in the background.

In November 2011, Charlie Miller showed that malware could still get into the stores even though every app was checked. He wrote an app that queried share prices but contained code that deactivated the iOS security system and enabled Miller to execute arbitrary code on his mobile phone.

Android

Since Google does not always adequately check the apps offered in the Google Play Store, and apps on Android can sometimes obtain extensive rights (such as sending SMS), there are a number of malicious programs for this system. In September 2011, the number of malicious programs for Android was estimated at 200.

However, Google has the option of deleting such apps with malicious code from all Android devices.
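The risk described above, an app that asks for far more rights than its purpose needs, can be checked before installation by reading the permissions an app requests. The following is an added example, not code from the article or from any Android tool: it audits a decoded (text-form) AndroidManifest.xml for the permission the article names (sending SMS) plus the data access that modern mobile malware uses for exfiltration (contacts, stored pictures), and notes whether the app can also reach the internet. The manifest is a constructed sample; the permission names are real Android identifiers, the risk grouping is this example's own.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Permissions worth a second look for a "game": sending SMS (the right the
# article singles out) and reading the data that gets sent to the programmer.
# The names are real Android permissions; the grouping is this example's own.
RISKY_PERMISSIONS = {
    "android.permission.SEND_SMS": "can send SMS (e.g. to premium-rate numbers)",
    "android.permission.RECEIVE_SMS": "can read incoming SMS",
    "android.permission.READ_CONTACTS": "can read the address book",
    "android.permission.READ_EXTERNAL_STORAGE": "can read stored pictures/files",
}

# Constructed sample manifest for a fictitious puzzle game (not a real app).
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.puzzlegame">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.SEND_SMS"/>
    <uses-permission android:name="android.permission.READ_CONTACTS"/>
    <uses-permission android:name="android.permission.VIBRATE"/>
</manifest>
"""


def requested_permissions(manifest_xml):
    """Return the permission names a decoded AndroidManifest.xml requests, in order."""
    root = ET.fromstring(manifest_xml)
    name_attr = "{%s}name" % ANDROID_NS
    return [el.get(name_attr) for el in root.iter("uses-permission") if el.get(name_attr)]


def audit_permissions(manifest_xml):
    """Return (risky, has_network).

    risky maps each flagged permission to a short reason; has_network is True
    when the app also holds INTERNET, which is what turns data access into
    data exfiltration over the always-on connection the article describes.
    """
    perms = requested_permissions(manifest_xml)
    risky = {p: RISKY_PERMISSIONS[p] for p in perms if p in RISKY_PERMISSIONS}
    return risky, "android.permission.INTERNET" in perms


if __name__ == "__main__":
    risky, has_network = audit_permissions(SAMPLE_MANIFEST)
    for perm, reason in risky.items():
        print("%s: %s" % (perm, reason))
    if risky and has_network:
        print("flagged: sensitive access combined with network access")
```

A real APK stores the manifest as binary XML, so it must be decoded to text first (tools such as apktool do this); the audit itself only states what the app can do, and the decision whether a game needs those rights is still the reviewer's.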

Jailbreaking

Since almost no smartphone operating system can be completely changed by the user, not even Android, hackers have exploited security gaps in the respective systems to deactivate their security mechanisms ever since these systems appeared. This process is known as jailbreaking or rooting. Afterwards the user has complete access to the entire device.

The system is then, due to the deactivated security mechanisms, susceptible to attacks from outside. For example, relatively few iPhone jailbreakers change the root password after installing an SSH server; since the default root password is publicly known, an attacker can modify the device via the Internet. See the main jailbreaking article for more examples.
