If you have been following my entries at ZDNet.co.uk, then you know that I have been very busy lately with all of this JavaMite malware. If you’ve not been to the ZDNet blog I host lately then, you still need to be aware of this latest development in mobile malware.
As defined in my whitepaper on the topic: “a JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” This is a form of mobile malware that has been in development for sometime, but until February 2009 had not been fully executed.
On February 7, 2009 a JavaMite was embedded as a Trojan virus (malware file name: Trojan-SMS.J2ME.GameSat.a) which targeted Indonesia by masquerading as a social instant messaging application for date seeking singles. The Trojan-SMS.J2ME.GameSat.a file was specifically designed to compromise the mobile banking infrastructure of the Indonesian market by transferring trace amounts of money from the users mobile banking account to the hackers account. This attack targeted handsets without third party mobile security solutions and was made public very quickly upon debut.
At face value this may seem like another harmless attack, but from the perspective of technical sophistication this form of mobile malware is a major development. This form of mobile malware has the technical capacity to infect mobile devices by the masses and so far the authors have demonstrated a preference of targeting the mobile banking sector. To learn more about JavaMites and your risk as a mobile user, please visit my ZDNet blog @ http://community.zdnet.co.uk/blog/0,1000000567,2000440756b,00.htm and read my whitepaper: JavaMites: The Emerging Universal Mobile Threat. Your guru in mobile security… Eric Everson – Founder, MyMobiSafe.com
As defined in my whitepaper on the topic: “a JavaMite is any executable software or script written in (or with) the aide of a Java Software Development Kit/Component to specifically alter or otherwise tamper with the operational components of a mobile handset or device.” This is a form of mobile malware that has been in development for sometime, but until February 2009 had not been fully executed.
On February 7, 2009 a JavaMite was embedded as a Trojan virus (malware file name: Trojan-SMS.J2ME.GameSat.a) which targeted Indonesia by masquerading as a social instant messaging application for date seeking singles. The Trojan-SMS.J2ME.GameSat.a file was specifically designed to compromise the mobile banking infrastructure of the Indonesian market by transferring trace amounts of money from the users mobile banking account to the hackers account. This attack targeted handsets without third party mobile security solutions and was made public very quickly upon debut.
At face value this may seem like another harmless attack, but from the perspective of technical sophistication this form of mobile malware is a major development. This form of mobile malware has the technical capacity to infect mobile devices by the masses and so far the authors have demonstrated a preference of targeting the mobile banking sector. To learn more about JavaMites and your risk as a mobile user, please visit my ZDNet blog @ http://community.zdnet.co.uk/blog/0,1000000567,2000440756b,00.htm and read my whitepaper: JavaMites: The Emerging Universal Mobile Threat. Your guru in mobile security… Eric Everson – Founder, MyMobiSafe.com
No comments:
Post a Comment