2006: Year of the mobile malware

Mobile security threats are expected to triple in 2006 as smart phones and other mobile devices become more prevalent, according to a study released Monday by McAfee Avert Labs.

The number of malicious software programs created for mobile devices is expected to reach 726 by the end of 2006, up from an estimated 226 at the end of 2005, according to McAfee.

Mobile malware is not the only area expected to rise in the new year, said Craig Schmugar, virus research manager for McAfee Avert Labs. Targeted phishing attacks and potentially unwanted programs (PUPs), such as adware and spyware, are also anticipated to increase. But growth in malicious programs for mobile phones is expected to accelerate the fastest.

"They're gaining increased interest from the virus (writing) community," Schmugar said. "And as these devices become more pervasive, they become a bigger target."

Compounding the problem is consumers' lack of interest in applying security software to their mobile devices, Schmugar added. Many consumers view the threat of a mobile attack as less likely to affect them than an infiltration on their PCs, he noted.

But the "I Love You' virus that infected tens of millions of PCs in just a few hours in 2000 would have spread wider and faster in smart phones, McAfee warned. A virus that targets several mobile operating systems could infect up to 200 million connected smart phones simultaneously, given that these devices often do not have security software installed, the company said.

Commercial PUPs are expected to increase next year by 45 to 50 percent. In 2005, PUPs increased by 40 percent compared to 2004, Schmugar said, noting that the category is maturing.

Changes in federal and state legislation, along with self-policing in the advertising software industry, may contribute to the tempered growth, as well, according to McAfee.

Targeted phishing attacks, meanwhile, became a trend this year and are expected to gain more traction next year as virus writers seek to stay under the radar of security software vendors, Schmugar said. Smaller, more targeted attacks help keep phishing scams alive and enable malicious code writers to pull in profits over an extended period of time.

[jmanico]

BS

The mobile industry is way to closed and splintered to worry about a widespread virual, worm or other outbreak.