For years now, we in the cyber security industry have been saying an explosion of mobile malware is just around the corner. Beginning in earnest this year, we have indeed observed a marked increase in threats targeting mobile devices – particularly the Android platform. However, it’s probably not accurate to say the expected explosion has in fact occurred. The reality is that cybercriminals are still very much in the exploratory phase of figuring out how to monetize the exploitation of mobile devices. This is the topic of Symantec’s latest research. You can read the whitepaper in its entirety here (PDF).
Above all else, our analysis highlights how most current efforts to monetize mobile malware have only a low revenue-per-infection ratio. This has severely limited the return on investment achievable by attackers. It also offers detailed insight into the top current mobile malware monetization schemes observed by Symantec, including how each works and examples of the malware presently being used to carry them out. These schemes are:
- Premium-rate number billing scams
- Search engine poisoning
- Pay-per-click scams
- Pay-per-install schemes
- Stealing mobile transaction authentica¬tion numbers (mTAN)
Additional potential revenue-generating schemes likely to be seen in the near future are discussed as well. These include:
- Selling stolen International Mobile Equipment Identity (IMEI) numbers for use on previously blocked or counterfeit phones.
- Peddling fake mobile security products—another tactic that has been highly successful in the PC realm.