While Jeff Schmidt, the CEO of JAS Global Advisors, was surfing the Web on his new Android smartphone (his first Android phone) earlier this year, what appeared to be an ad popped up on his screen. The "ad" looked like the prompt that appears when his phone rings. He clicked the button on the ad to pick up the putative call, and the ad began downloading a binary file -- malware -- onto his Android phone. Schmidt had been hit by a drive-by download, a program that automatically installs malicious software on end-users' computers -- and increasingly, smartphones -- without them knowing.
"I'm a pretty paranoid and sophisticated user," says Schmidt, whose firm provides information security and risk management services. "I didn't think I'd be vulnerable to this sort of thing, but because I wasn't familiar with the user interface, I clicked on the ad. It really surprised me."
Fortunately, Schmidt halted the download when he realized what was going on and caught it before anything bad happened to his phone. He's not sure what the malware would have installed on his phone, but he suspects it could have been some kind of spyware, such as a keystroke logger, or some other application that would turn his computer into a spam-mailing bot or otherwise compromise his security and privacy.
Schmidt's experience with mobile malware -- specifically, with a mobile drive-by download -- illustrates the challenges users face detecting and preventing mobile malware from infecting their smartphones. It also demonstrates the sophistication and ever-changing nature of security threats targeting mobile devices.
The mobile malware phenomenon: Why it's hard to detect
Mobile malware is proliferating at an astonishing rate. Security threats targeting mobile devices increased more than 600 percent between 2010 and 2011, according to research from Kaspersky Lab. In December 2011 alone, Kaspersky identified more new mobile malware apps than it identified between 2004 and 2010.
"Mobile devices are scary because people generally have no idea what the software they download will do, whether they get it from an app store or it comes with the phone," says Schmidt. "The apps on mobile devices are not at all transparent. A lot of software gets installed on them that users don't understand."
Smartphones have become an effective way for criminals to distribute malware because malware is harder to recognize on a smartphone than on a PC. "Screen real estate is very limited on these devices," he says. "The visual cues we're used to on PCs [when we download a virus] are not available in a mobile environment. Even to sophisticated users, it's not entirely clear what's happening behind the scenes."
Faster connectivity and more powerful devices further complicate security. Schmidt says both factors make it easier to download malware more quickly, without the user knowing. "That makes a compromised device more valuable to a bad guy," he adds.
It also makes smartphones more susceptible to drive-by downloads.