Chinese Mobile Malware Signals Danger, Opportunity for Channel
Chinese authorities reported over the weekend that a new mobile viruses dubbed "MMS Bomber" has plagued millions of Chinese mobile phones. While the malware doesn't affect the majority of North American phone users, some experts believe this rampant outbreak is another signal that the dangers to mobile devices are a real threat and could provide channel partners an opportunity to convince customers to purchase mobile protection.
A variant of the Worm.SymbOS.Yxe family of mobile worms, which are the first to run on the Symbian S60 3rd Edition and with a valid digital signature, MMS Bomber was first discovered in February by the Mobile Security Center of NetQin Mobile Inc., a Chinese mobile security service provider. Like other Yxe strains, MMS Bomber spreads through SMS messages that contain a link to the worm. It harvests data from the smartphone back to the attackers server. MMS Bomber also upped the Yxe ante by also adding defense mechanisms to keep the user from getting rid of the malware. Once infected, the virus will disable the system management program on the mobile phone, and mobile users will not be able to uninstall the virus, says Dr. Zou Shihong, Chief Scientist of NetQin.
"At this point, Yxe.e is believed to have affected hundreds of thousands, if not more than a million Chinese devices. It is also believed that infections have been limited to devices operating within China," says Daniel Hoffman, CTO of Smobile, a mobile security firm." Symbian devices make up the largest percentage of smartphone devices in use outside of the U.S. However, Symbian devices make up merely a fraction of the market share of smartphones in the U.S. and North America. "
Nevertheless, the outbreak is a good lesson as to how mature mobile malware has become, says Jamz Yaneza, threat research manager for TrendMicro.
"Today’s smartphone and mobile gadgets are several times more powerful than a desktop computer about a decade ago," Yaneza says." Mobile malware that uses MMS to propagate is not new, it’s been out there since 2005 but hasn’t caused much effect in North America due to the fractured services provided by the various mobile telco operators. With the wide acceptance of smartphones, dropping prices, and improved mobile technologies and speeds mobile malware looms as a threat."
Currently, many of the attacks similar to MMS and those that could affect North American users depend on social engineering to propagate.
"As is the case with every malware threat that affects BlackBerry, iPhone and Android devices, the Yxe.e worm requires that the user manually install the malicious program, albeit under false pretenses. Many mobile antivirus vendors currently offer protection from this threat at this time," says Hoffman, who believes that the channel could potentially stand to make billions in the coming years if they play their cards right.
According to analysts with ABI Research, the mobile security market will reach $4 billion by 2014.