Nokia slams phone makers that put dangerous adware on devices

Personal computers are still the biggest targets of malware but mobile device infections are increasing, says the latest threat intelligence report from a communications equipment service provider Nokia.

However one of the biggest worries, the company added, are smart phone companies that unwittingly — or knowingly — put malware in their devices. The report cites media stories last November that 120,000 Android Blu Inc. phones distributed in the United States had accidentally been loaded with a “Firmware Over The Air” (FOTA) update service from the Chinese firm Shanghai ADUPS Technology Co. Ltd. which sent private user information, including copies of received text messages, to a server in China.

The manufacturer and Blu Inc, corrected the problem, says the Nokia report, but that the same issue exists on other ADUPS managed devices.

“The incident also highlights a sinister trend that has hit the smart phone market,” says Nokia. “There are several brands of inexpensive phones whose cost is being subsidized by adware that comes pre-installed on the phone. Accepting pop-up advertisements for a cheap phone is one thing, but often the adware that provides the advertisements will feed private personal information from the phone to the adnetwork for tracking purposes, without the permission of the user.”

“Our smart phones contain a record of our lives: our text messages; e-mail; photos; and music. It is bad enough when cybercriminals go after it, but it’s inexcusable when the companies that manufacture the phones are complicit.”

The report covers general trends and statistics for malware infections in devices connected through Nokia customer mobile and fixed networks in the second half of 2016.

Among the findings:

  • Mobile device infection rate continues to climb: The overall infection rate increased 63 per cent in the second half of 2016, compared to the first half of the year.
  • New all-time high: The mobile device infection rate rose steadily throughout 2016, reaching 1.35 per cent in October (vs. 1.06 percent in April 2016) – the highest level recorded since the study started in 2012. By comparison Windows/PC systems accounted for 15 per cent of malware infections in the second half of 2016, down from 22 percent in the first half of the year.
  • Smartphones the top target: Smartphones were the top malware targets by far, accounting for 85 percent of all mobile device infections in the second half of 2016. Smartphone infections increased 83 percent during this period compared to the first half of the year (0.90 percent vs 0.49 percent), and increased nearly 400 percent in 2016.
  • Major IoT device vulnerabilities: In late 2016, the Mirai botnet assembled an army of compromised IoT devices to launch three of the largest DDoS attacks in history, including an assault that took down many high-profile web services. These attacks underscored the urgent requirement for more robust security capabilities to protect IoT devices from future attacks and exploitation.
    “The security of IoT devices has become a major concern,” Kevin McNamee, head of the Nokia Threat Intelligence Lab, said in a statement. “The Mirai botnet attacks last year demonstrated how thousands of unsecured IoT devices could easily be hijacked to launch crippling DDoS attacks. As the number and types of IoT devices continue to proliferate, the risks will only increase.
  • Malware seeks a bite out of Apple: Android-based devices continue to be the primary target for malware attacks (81 percent). However, iOS and other mobile devices were also targeted in the second half of the year (4 percent).
  • Fixed network infections continue decline: The monthly infection rate in residential fixed broadband networks averaged 10.7 percent in the second half of 2016, down from 12 percent in the first half, and down from 11 percent in late 2015. While moderate threat level adware activity decreased in the second half of 2016, high-level threats (e.g., bots, rootkits, keyloggers and banking Trojans) remained steady at approximately six per cent.

The report is available here. Registration is required.

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now