Threats to mobile devices, notably Android smartphones, which are the primary targets of all mobile malware, continue to grow. In comparison, mobile security threats targeted at Apple devices remains low. Cybercriminals are crafting pieces of malware that take advantage of mobile users’ frequent use of app stores with one-click payment options and new tap-and-pay kiosks that enable seamless purchases without cash or a credit card. Malware authors are also going on the defense, creating apps that effectively block security updates from installation on a device, leaving the mobile user unable to remove a malware infection from a smartphone or tablet, or even vulnerable to new threats.
In its annual outlook on the threat landscape, McAfee Labs researchers predict these three threats will have a major impact on smartphones and tablets in 2013:
- Malware shopping spree apps — Android/Marketpay.A is a Trojan horse program that buys apps from an app store without user permission. It's likely that malware authors will use this strategy to create mobile worms that can easily be propagated over numerous vulnerable phones. Attackers will no longer need to install a piece of malware and user interaction isn't needed to complete transactions, which enables the mobile worm to go on a shopping spree.
- NFC worms — These mobile worms infect devices with near-field communications (NFC) capabilities (which enable tap-and-pay purchases), allowing criminals to access to the victims' wallet accounts. This threat is increasing as NFC-enabled devices are becoming more common. As users make tap-and-pay purchases in more densely populated locations, such as airports, malls, theme parks, and so on, an NFC-enabled worm can run rampant, infecting victims' devices and potentially stealing from their wallet accounts.
- Blocking mobile security updates — When mobile service providers detect malware, they can automatically push a mobile security update to customers that cleans their devices. Attackers are now creating apps that download malware that prevents the smartphone from communicating with the cell provider — allowing the malware to stay on the victim's phone.