Mobile technology has improved our daily lives on many levels and it has profoundly raised the quality of life for many. But the threats coming from mobile technology are also very real and concerning for information technology and services.
Basically, botnets are large illegal networks of infected machines usually desktop or laptop computers, which are typically used to send outgoing traffic to other systems to infect their network or device. But attackers are now using mobile botnets to infect the other network and devices using smartphones.
Infected smartphones that become part of a botnet can gain complete access to the targeted device and unknowingly perform certain tasks like recording audio and video, taking photos, sending text messages, open web pages, steal user data, delete files, launch denial of service attacks via HTTP floods and perform web injections, if supported. An HTTP flood from a mobile botnet can easily produce over 100,000 unique IP addresses, making it increasingly difficult for websites to mitigate such large-scale attacks. As the botnet grows, every infected smartphone gets added to a network of bots managed by a botmaster.
Mobile bot-infections were first discovered in the year 2011. DroidDream and Geimini both were trojanized game apps with bot-like capabilities that compromised Android devices. There have also been mobile botnet attacks targeted at iPhones, Blackberry and Symbian devices. So no matter the operating system your smartphone runs on, all these precedents are strong cases for mobile antivirus protection.
How can bots get to smartphones:
Users are easily get tricked to install malware via malicious apps found in the Google play store, 3rd party app stores or through malicious emails, that gains the root access of user’s device. Devices that are infected with this malware become a part of a global botnet without having a power of resistance. From there, an attacker controls a device (as an infected botnet) through a command and control system where the attackers can send a number of attack commands to these infected devices so they can perform the specified actions and launch illegal activities through it.
What can you expect if your device has been compromised?
If your device is infected with malware and part of a botnet you may experience these following things:
Disrupt or lost network connectivity of your device.
Stolen Credit card details, saved usernames and passwords, etc.
Incoming messages blocked.
Installing or removing applications without your permission.
E-mails being sent without your consent.
Dial a certain mobile number.
Here are a few tips to remember to prevent your device from being a part of a mobile botnet:
Download applications only from trusted app stores.
Use reputed antivirus software to prevent malware infections.
Do not install the applications from unknown sources.
If you are surfing the web or socializing online do not click on unwanted links, you may run into a malicious website.
If you are experiencing network issues contact your network providers immediately.
It’s suggested that you wipe your phone and restore factory settings if you suspect that your device has been compromised.
- Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition
- Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more
- Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks
Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws..
Cybersecurity and Privacy – Bridging the Gap addresses two very complex fields of the digital world: cybersecurity and privacy. These multifaceted and multidisciplinary issues are usually understood and valued differently by different individuals, data holders, and legal bodies, but a change in one field immediately affects the others. Policies, frameworks, strategies, laws, tools, techniques, and technologies – all of these are tightly interwoven when it comes to security and privacy.
This book is another attempt to bridge the gap between industry and academia by addressing the views from both areas on the subject. Technical topics discussed in the book include:
• Security and Internet of Things
• Data risks
• Cloudbased Services
With our ever-increasing reliance on computers comes an ever-growing risk of malware. Security professionals will find plenty of solutions in this book to the problems posed by viruses, Trojan horses, worms, spyware, rootkits, adware, and other invasive software. Written by well-known malware experts, this guide reveals solutions to numerous problems and includes a DVD of custom programs and tools that illustrate the concepts, enhancing your skills.
- Security professionals face a constant battle against malicious software; this practical manual will improve your analytical capabilities and provide dozens of valuable and innovative solutions
- Covers classifying malware, packing and unpacking, dynamic malware analysis, decoding and decrypting, rootkit detection, memory forensics, open source malware research, and much more
- Includes generous amounts of source code in C, Python, and Perl to extend your favorite tools or build new ones, and custom programs on the DVD to demonstrate the solutions
Malware Analyst’s Cookbook is indispensible to IT security administrators, incident responders, forensic analysts, and malware researchers.
Disclosure of Material Connection: Some of the links in the post above are "affiliate links." This means if you click on the link and purchase the item, I will receive an affiliate commission. Regardless, I only recommend products or services I use personally and believe will add value to my readers. I am disclosing this in accordance with the Federal Trade Commission's 16 CFR, Part 255: "Guides Concerning the Use of Endorsements and Testimonials in Advertising."