We all think about anti-virus software for our PC’s but as the number of smartphone users continues to climb we can expect to see a lot more mobile OS attacks. And no one is safe. You probably remember when an iPhone SMS vulnerability was revealed that lets you do all sorts of fancy things like track a user using GPS, turn on their mic to listen to conversations and act as a zombie. This was two years after a Safari exploit was revealed that provided full access to the iPhone. Android was treated with a different sort of attack when a developer was able to add apps to the Android Market that pretended to be bank apps to help you view your account information from your phone and it was really provided the author with your account information. And recently a Windows Mobile game was distributed as freeware and it contained an additional file that sent phones to call international numbers overnight.
What’s this mean to us? Well obviously you need to think before you load suspicious software, whether that be software that has login information (not just to bank accounts but also email accounts, Facebook, etc) or if it comes from an unknown source. And yes, if you’re loading warez then you really need to think if the savings is worth the potential costs (aside from the illegal thing). I’m often one of the first to test apps (yes- for you guys:)) but it probably makes sense to let others be the guinea pig. Obviously the manufacturers are expected to keep their platforms secure, but we may not be far away from needing anti-virus software on our phones. This is already widely available from Norton, Kaspersky, Eset and others but I don’t think it’s flying off te shelves.
Do you guys have any real concerns at this point about mobile security? Do you think these few examples are blown out of proportion because it’s a good story or is this real and potentially just the beginning?