It is not good news for the fastest-growing telecom market of the world. India, which is expected to be home to four million smartphones in the next two years, is already on the cyber criminal map. The number of malicious programmes targeting mobile sets has more than doubled between August 2009 and December 2010. In 2010, over 65 per cent more new threats targeting cellphones were detected than in the previous year.
Experts too suggest that the situation is worrysome. Jagannath Patnaik, director (channel sales), Kaspersky Lab, South Asia says that in 2010, more than 16 brands of smartphones were launched in India. He added, “In a country, where mobile penetration is much higher than PC penetration, and mobile phone density is growing at a staggering rate, cyber criminals are trying hard to exploit vulnerabilities in the mobile platform. If you observe the trend, malware in Android platforms have grown at a much higher rate because it is the fastest-growing platform in smartphones.”
Kaspersky Lab predicts an increase in the number of vulnerabilities found on mobile platforms, and an increase in the number of threats for Android. Analysts also believe that cyber criminals will continue to use short numbers. “The use of SMS trojans is still the easiest and the most effective means by which malicious users earn money. The reason is simple: any mobile device, be it a smartphone or a basic mobile phone, has a direct connection to its owner’s money via their mobile account. It is this ‘direct access’ that cybercriminals actively exploit,” explained Denis Maslennikov, a senior malware analyst at Kaspersky Lab.
Last year, for the first time in six years since the first mobile malware was detected, Kaspersky Lab detected a Trojan that made calls to international fee-based numbers. In another instance, a worm designed for the iPhone was used by cyber criminals to launch a targeted phishing attack against users of a Dutch bank. When an attempt was made to visit the bank’s website from a smartphone infected with the worm, the user was redirected to a phishing website.