Skip Links

FBI warns Loozfon, FinFisher mobile malware hitting Android phones

FBI warns malware could steal private information, cause other problems

By Layer 8 on Mon, 10/15/12 - 4:31pm.

The Internet Crime Complaint Center (IC3) has warned Android users that a number of malware attacks have been plaguing Android smartphone users. 

The IC3 said some of the latest known versions of mobile malware taking aim at Android users are Loozfon and FinFisher.

MORE: The 10 most common mobile security problems and how you can fight them

The group provided an outline of the nasty stuff:

  • Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user's device. The malicious application steals contact details from the user's address book and the infected device's phone number.
  • FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.

The IC3 offered up some basics to protect smartphones from these kinds of attacks. The suggestions include some obvious but perhaps overlooked or ignored ideas:  

  • When purchasing a Smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
  • Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user's personal data in the case of loss or theft.
  • With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
  • Review and understand the permissions you are giving when you download applications.
  • Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
  • Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
  • Be aware of applications that enable Geo-location. The application will track the user's location anywhere. This application can be used for marketing, but can be used by malicious actors raising concerns of assisting a possible stalker and/or burglaries.
  • Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime a user, application or service runs in "unrestricted" or "system" level within an operation system, it allows any compromise to take full control of the device.
  • Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
  • If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
  • Smartphones require updates to run applications and firmware. If users neglect this it increases the risk of having their device hacked or compromised.
  • Avoid clicking on or otherwise downloading software or links from unknown sources.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.

The IC# warning comes on the heels of another government report that outlined the growing mobile security challenges.

For example, the Government Accountably Office said:

  • The number of variants of malicious software aimed at mobile devices has reportedly risen from about 14,000 to 40,000 or about 185% in less than a year.
  • New mobile vulnerabilities have been increasing, from 163 in 2010 to 315 in 2011, an increase of over 93%;
  • An estimated half million to one million people had malware on their Android devices in the first half of 2011;
  • Three out of 10 Android owners are likely to encounter a threat on their device each year as of 2011;
  • According to Juniper Networks, malware aimed at mobile devices is increasing. For example, the number of variants of malicious software, known as "malware," aimed at mobile devices has reportedly risen from about 14,000 to 40,000, a 185 percent increase in less than a year.

"Threats to the security of mobile devices and the information they store and process have been increasing significantly. Cyber criminals may use a variety of attack methods, including intercepting data as they are transmitted to and from mobile devices and inserting malicious code into software applications to gain access to users' sensitive information. These threats and attacks are facilitated by vulnerabilities in the design and configuration of mobile devices, as well as the ways consumers use them. Common vulnerabilities include a failure to enable password protection and operating systems that are not kept up to date with the latest security patches," the GAO stated.