Watch out for more mobile trojans on the horizon says Fortify Software

Richard Kirk, Fortify's European director, predicts this problem is going to get worse for mobile phone manufacturers and their operating system developers.

"The problem with mobile phones is that their processing capacity is increasing at a near-exponential rate, with some of the latest smartphones the technological equivalent of the PCs seen in the early part of this decade," he said.

"And whilst the power of the average smartphone has soared in the last few years, the behind-the-scenes technology and security assurance practices required to prevent any security loopholes in the operating system and/or applications is not as up to speed as it is on the desktop/laptop platforms," he added.

Because of this, Kirk says that hackers and malware developers - blocked by increasing sophistication on the desktop/laptop security front - are now turning their attentions to the microcomputer many of us have in our pockets, the smartphone.

The problem with smartphones, he explained, is that they are truly mobile devices, travelling with us between home and office, and out into the real world, but remaining constantly connected thanks to a mixture of GSM, 3G and WiFi connections.

Add in a high quality mobile email and Internet access, and you have a potential recipe for a data leakage disaster in the making, as the humble smartphone can offer hackers a nearly always-on back door into desktop PCs at home and corporate networks in the office.

According to Fortify, the fact that the Symbian Foundation has admitted allowing a botnet-building Trojan - Sexy Space - through its digital signing procedures, is a potential failure in the foundation's audit procedures.

"At the same time, it's an understandable mistake, and one that the IT security industry's early movers and shakers probably made in the 1990s," he said.

"Because of this, you can expect more of the same to happen in the weeks and months ahead, as the mobile industry gets to grips with its growing IT security teething troubles," he added.

 

 

What’s hot on Infosecurity Magazine?