New mobile threat families and variants rose by 49% from last quarter, from 100 to 149. 136, or 91.3% of these were Android and 13, or 8.7% Symbian. Q1 2013 numbers are more than double that of a year ago in Q1 2012.
While the “walled-gardens” of the iOS and Windows Phone, where apps require approval before sale, have prevented malware threats to develop for the iPhone or Nokia models running those systems, Android threats are increasing and becoming more likely to affect average users.
“I’ll put it this way: Until now, I haven’t worried about my mother with her Android because she’s not into apps,” F-Secure Security Advisor Sean Sullivan said. “Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone.”
You can get the entire report here and as you read through it, listen to our Chief Research Officer Mikko Hypponen and Sean Sullivan walk through the report in this exclusive preview. (Sorry, there is a odd echo for the first few minutes of the recording.)
Here’s a look at profit-motivated threats. Is anyone surprised that mobile malware authors are mostly motivated by money?
As far as the types of threats our Labs is seeing, Trojans continue to dominate:
Do you ever use your personal phone to make work related calls? Or send work related e-mails? Maybe you even use it to work on Google Docs, or access company files remotely? Doing these things basically means you’re implementing a BYOD policy at your work, whether they know it or not. BYOD – that’s bring your own device – isn’t really a new trend, but it is one that’s becoming more widespread. Statistics from TrackVia suggest that younger generations are embracing BYOD on a massive scale, with nearly 70% of surveyed Millennials admitting that they use their own devices and software, regardless of their employer’s policies on the matter. This is essentially pressuring employers to accept the trend, as the alternative could mean imposing security restrictions that limit how people go about their work. Consequently, Gartner predicts that 38% of businesses will stop providing employees with devices by 2016. It kind of seems like workers are enforcing the trend, and not businesses. But it’s happening because it’s so much easier to work with phones, tablets, and computers that you understand and enjoy. Work becomes easier, productivity goes up, life becomes more satisfying, etc. This might sound like an exaggeration, and maybe it is a little bit. BYOD won’t solve all of life’s problems, but it really takes advantage of the flexibility modern technology offers. And that’s what mobility should be about, and that’s what businesses are missing out on when they anchor people to a specific device. BYOD promotes a more “organic” aspect of technology in that it’s something people have already invested in and want to use, not something that’s being forced upon them. But of course, there are complications. Recent research confirms that many of these same devices have already had security issues. It’s great to enjoy the benefits of using your own phone or tablet for sending company e-mails, but what happens when things go wrong? You might be turning heads at work by getting work done faster and more efficient, but don’t expect this to continue if you happen to download some malicious software that infiltrates your company’s networks. You’re not alone if you want to use your own phone, tablet, or computer for work. And you’re not even alone if you do this without telling your boss. But there’s really no reason not to try and protect yourself first. You can use security software to reduce the risk of data breaches or malicious infections harming your employer. And there’s even a business oriented version of F-Secure's popular Freedome VPN called Freedome for Business that can actually give you additional forms of protection, and can help your company manage an entire fleet of BYOD and company-owned devices. It’s worth bringing these concerns to an employer if you find yourself using your own devices at the office. After all, statistics prove that you’re not alone in your concerns, and your employer will most likely have to address the issue sooner rather than later if they want the company to use technology wisely.
Spring cleaning is a popular pastime in many parts of Europe and North America. The cold weather is (hopefully) gone, and many people have already started the dusting, mopping, and sweeping that a good clean entails. Getting rid of clutter, old junk, and other types of waste never hurts. It avoids damage due to build up and lets you see that everything in your home has a proper place. Smart phones and computers need similar tender loving care, and I don’t mean just wiping down the dust. Computers and phones accumulate considerable amounts of wear and tear damage when you use them. Not just the mechanical parts either. Software performance degrades over time, and can cause computers to break down, or even result in security issues. Spring cleaning your phone doesn’t have to take a lot of time, or a lot of money. You can do it for free and can probably get through it in less than 10 minutes. Here’s a quick review of three things you can do to keep your phone running safe and sound. Check your Internet set-up: Many people don’t know this, but your router can be hacked. Things like weak passwords and outdated software allow hackers to break into your router and change the settings, essentially letting them manipulate what you see and do online. F-Secure recently launched a new tool called Router Checker that can help you check to make sure you’re connecting to the Internet safely. Router Checker launched less than a month ago, but has already received positive attention from websites like Tom's Hardware and Geek.com. It’s fast, free, and simple to use, so it’s worth taking a second to check the Internet set-up on your phone (or PC) to make sure it's working the way you want. Get rid of waste: Waste builds up in computers and phones, and over time this causes their performance to deteriorate. Spending a few minutes to clean out this waste and tighten the digital nuts and bolts on your software can pay off with longer lasting batteries, faster browsing and apps, and more storage space. F-Secure Booster is a free Android app that makes cleaning out your phone easy. Lots of the maintenance that phones and computers need is time consuming and difficult. F-Secure Booster centralizes different maintenance tasks into a user-friendly app. You can use it to shut down unnecessary processes that eat up your battery and memory, clean out temporary files and other data that wastes storage space, and even delete digital traces stored by your browser and other apps. It’s a quick way to make sure your phone runs quickly and securely. The PC version has a freemium offering that can clean our your computer, but also a premium variant with even more features, like a software updating tool. Secure your apps: According to F-Secure Labs, Android is a favorite target for mobile malware writers. That means people using Google’s platform need to be extra cautious about the apps they use. Fortunately, there’s a free app that can help protect your mobile phone from malware. Freedome is a popular, one-button VPN that offers users a number of different forms of protection, including App Security. App Security for Android basically checks the apps on your phone or mobile device to see if there’s anything dangerous about it. Freedome is available for a free 14-day trial for Android users. You need to buy a subscription if you want to keep using Freedome after your trial ends, but App Security will continue to function, even if you don’t subscribe. It’s a great way to keep an eye on your apps, and Freedome also offers mobile phone users communication encryption, web browsing protection, and even a selection of virtual locations that they can use to access region locked content. It’s a great way to make sure your phone stays protected after your spring clean! [ Image by uncoolbob | Flickr ]
Easter is coming up, and many people will take advantage of the holiday by visiting friends or family, or even taking a quick vacation. Mobile phones are an important travel accessory for people these days, as it lets them stay in touch with people, use some great map apps to find their way around, and use online banking and other services they need. The flip side to these wonderful aspects of mobile technology is that there are threats that become more pronounced when people are on the road. Public Wi-Fi hotspots are popular in hotels and airports because they help people avoid roaming charges. Wi-Fi in general wasn’t designed to be particularly secure, and so it exposes all kinds of sensitive information to the public. It’s so easy to monitor what people do over Wi-Fi that it took less than 20 minutes for this hacker to learn the personal details of people connected to a cafe’s hotspot. Do you ever visit café’s when you travel? I know I do. And I also know that having to worry about keeping my personal data safe when I travel is one hassle I can do without. So I sat down with F-Secure Security Advisor Sean Sullivan to talk about this. Sean travels extensively for both work and play. He gets it – worrying about mobile security is the last thing people want to do when they’re away. He gave me three quick pieces of advice to pass along to let people know what they can do to keep their mobile phones safe and secure when they’re away from home. 1. Use a PIN number or passcode to lock your phone. Losing your phone is like losing your wallet – it’s not the cash that stresses people out. It’s the information. Credit cards, driver’s license, insurance information, ID – lots of people keep this info in both their phones and wallets. If your phone gets lost or stolen that information can get out there, so if you want to keep this data secure a code is the absolute minimum. Even if your phone goes missing, a passcode or PIN can help the data stay hidden. Plus, many mobile services will have anti-theft protection and let you remotely locate your phone, but these anti-theft features won’t do you any good if whoever finds your phone can simply open your settings and disable them. Most phones let you set up passcodes to lock your phone at regular intervals (for example, every hour or every two hours). When I'm working I usually set my phone to lock every four hours, but for traveling I set it to lock every five minutes. I suggest you set yours to lock as often as you can stand. Even if it's not a long time, like at hour intervals, it's better than no protection at all. 2. Take the time to remove old files and log out of apps that you don’t need. Cleaning your phone out is important if you want to bring it traveling, especially if you use your phone for work. Phones and computers always store information about what you do. Internet browsers store a history. Apps create temporary files where they store stuff to help them run faster. A lot of apps and websites have passwords and contact information about you stored. Deleting this data only takes you a few minutes with this new free app, and can save you the hassles that come from having your personal data compromised. I’m always careful to close and even delete apps I won’t be using when I travel, and even reset automatic logins I use for work. I recommend you do the same, because if your phone goes missing and someone starts sending e-mails from your account, you might not have a job to come back to. Getting rid of work stuff is key, not only to protect you and your employer from any mishaps, but also to avoid thinking about work when you’re trying to relax. 3. There’s no excuse not to use a VPN, so get one and test it BEFORE your trip. VPNs are always a good idea. Almost every security researcher I know swears by them. They’re especially important while you’re traveling because you’re more exposed when you’re away from home. You often have to choose between using free Wi-Fi hotspots or paying roaming charges to use your mobile connection. Using a VPN like Freedome gives you a secure funnel that lets you use public Wi-Fi connections without assuming the risks. It’s especially important for budget travelers that use services like AirBnB. The sharing economy is great for travelers on a shoestring budget, but you give up some of your control over your own situation when you use these services. If you’re using someone else’s Wi-Fi you might not be able to verify that it’s safe – after all, it’s not a 5-star hotel. Using Freedome can prevent you from “sharing” information in this new economy that you’d rather keep private. These are quick, easy things you can do to keep your private information private while you’re traveling, so take this advice to heart so you can enjoy your holidays. P.S. Sullivan also suggests calling your bank ahead of time and let them know you’re traveling, so they know that charges appearing away from where you live don’t mean that your credit card was stolen. [Image by Francesco | Flickr ]