Security nowadays is not a “nice to have,” but a must-have. Cybercriminals have started a new way of encouraging their activities by selling their services on the deep dark web. They are becoming day by day more persistent and smarter than ever. Therefore, the companies have to be smarter in order to face the diversity of new threats every day. The increase of botnets is responsible for an emerging ransomware attacks through cryptolocker. Another modern malware are APT (Advanced persistent threats, sophisticated threats that undertake missions in cyber space). This chapter is about a summary of the most prominent attacks on security threats regarding android mobile devices. In this review chapter we will disclose and analyze chronicles of attack, which cover researching period from 2004 when was discovered the first mobile malware, until 2014. Our research will narrow down just in the two last years because of tremendous surge of android malware that has emerged just in this short period. We have chosen this small research sample in order to provide insights and give significant evidence that in a short period we have to investigate and analyze so many miscellaneous malware and vulnerabilities techniques. In subsequent proceedings, this chapter points out the main threats category we have thought to be more notable or significant to be investigated in this review chapter. Later on, it discusses future trends and some strong recommendation on facing and dealing with the internet technology based area.
Top1. Introduction
Android has become one of the most vulnerable operating system on mobile devices. This is mostly contributed to the fact that Android unlike other operating systems, is an open source system, therefore is more open to different malware and miscellaneous threats induced by cybercriminals.
New threats on Android mobiles arise day by day because cybercriminals are becoming smarter and more persistent than ever. They are relying on the darknet, a close area of Internet, which is designed to resist surveillance and government espionage. Android malwares (Friedmana & Hoffmanba, 2008) are growing in complexity and maturity. In this chapter, we explore not only the evolution malware diversity and threats on mobile, but also we develop a forecast on some new malicious, which we have not dealt with yet.
Another trend to investigate is ransomwares coming to Android (ransomware is a kind of malware, which uses very strong encryption in order to make users’ files inaccessible, the next step is to blackmail the user and extort cash from them.) The first version of ransomware has been detected 25 years ago (Shih, Lin, Chiang and Shih, 2008).
Other threats combine various techniques of masquerading and misleading by using Smartphone device as the last point of the circle to be completed. Botnets are heading to android devices, too. Recently researchers have pointed out that large-scale botnets are controlling Android devices as much as botnets have controlled PCs. The preoccupying issue to be solved is the speed of malware spreading in shorter time comparing to PC and computer networks. Serious measures have been taken from Google recently in order to stop this exponential and booming of malware in android devices. Google has investigated several apps and ad framework behaviors, which will not be allowed to download malware-attacking Android. The research sample retrieved from security sources narrows down from 2012 until 2014 because it is believed that in these two years we have witnessed a dramatic surge of malware exploiting mobile devices. This work is viewed in two different approaches and perspectives. The first approach based on kinds of malware and the second based on preferred channels and scenarios chosen from cybercriminals to conduct fraudulent behaviors on mobile devices. Subsequently, this review chapter is conceived as follows:
- •
Section 2 is about chronological framework of malware in general and mobile malware,
- •
Section 3 involves mobile malwares and their classification and sorting out malwares,
- •
Section 4 is a collection of mobile vulnerabilities.
- •
Section 5 comes up with significant countermeasures provided from security community.
- •
Section 6 comprises the evolvement and trends of malware in the future landscape.
- •
Section 7 is dedicated to conclusions and analysis been derived from all data gathered. In addition, in this review chapter emerge gaps of malware technology and future work.
Top2. Chronological Background
In 1986 (Shih, Lin, Chiang and Shih, 2008) was discovered the first computer virus. In our days are counted almost 60,000 viruses and they have been transformed from an entanglement into a significant menace. Companies are losing billion of money regarding to the study of ICSA Labs Virus Prevalence Survey 2004 (Shih, Lin, Chiang and Shih, 2008), which shows that the financial cost of virus infection measured in cost per incident, was listed at over $130 million. The latest virus disaster alone costed them over $40,000 and took 31 person days to fully recovering after a virus disaster. Mobile devices are the fastest growing consumer technology, security researchers have identified an unprecedented growth with worldwide unit sales expected to increase from 300 million in 2010, to 650 million in 2012 (Kumar, 2012).