Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Problems With Lenovo Support

Published: 2010-06-22
Last Updated: 2010-06-22 16:35:04 UTC
by Chris Carboni (Version: 1)
0 comment(s)

If you visited the Lenovo support site over the last few days, you may want to check out this link that Jim sent in. Lenovo Support Website Loads Malicious IFrame, Infects Visitors With Trojan

Christopher Carboni - Handler On Duty

0 comment(s)

Thoughts on Malware for Mobile Devices

Published: 2010-06-22
Last Updated: 2010-06-22 15:51:52 UTC
by Chris Carboni (Version: 2)
8 comment(s)

One of the reasons that I love going to conferences is that it really makes me think.  Being around some of the best minds in information security. talking to people, listening to thier views and re-evaluating my own opinions based on any new information is a big takeaway for me. 

For those who were not at SANSFire this year and didn't otherwise follow the Handler's annual State of the Internet Panel, one of the questions asked of the panel was (and I'm paraphrasing because I can't remember the exact word for word question) "Every year we hear a prediction that this will be the year that mobile malware becomes wide spread.  Do you think that will happen this year?"

I remember giving some answer along the lines of "Well, we've already had a few examples" and one of the other Handlers cited the malware infested apps that became available (breifly) from the iTunes Store. The panel concluded and we all went about our business but something was nagging me.  Something just didn't feel right.

I started talking to a few friends discussing mobile security and then looked at my own devices.

How would I really know if there was malware on my smart phone?

Malware authors have become increasingly good at hiding the presence of malware on infected systems and I didn't have anti virus on my phone, a problem which has since been corrected.  But given the problems with signature based AV protection, do I really have confidence that I'm protected?

How do we really know that mobile malware is not widespread right now?

Please take a moment and answer the poll that I've posted and if you have some creative ways you're protecting your mobile devices, send them in and I'll post them.

While 130 people is not a statistically large sample we do have some interesting preliminary results.

Of 130 people, only 15 are scanning for malware.

Of those 15, 3 (20%) have detected malware.

If you extrapolate that percentage out to the entire sample, 23 people who responded who do not scan would be infected with malware.

For now, I'm filing that under "Things that make you go Hmmmmm."

Christopher Carboni - Handler On Duty

8 comment(s)
Diary Archives