Q

What are common kinds of mobile spyware?

When it comes to mobile spyware, there are almost too many types. Luckily, in this expert Q&A, Ed Skoudis narrows down the field and reveals how to defend against browser exploits, file droppers and keystroke loggers.

Can you list some different types of mobile spyware? What can be done to combat them?
There are so many spyware possibilities here that it's hard to narrow the field down. Let's talk about a few categories of spyware, in the order in which they are often installed. Browser exploits are software snippets that an attacker may load onto a Web site. Typically delivered via HTTP to unsuspecting Web surfers, these exploits allow the attacker to run code in the browser. Examples of such attacks include WMF exploits from early 2006 and VML exploits from September of last year; there are countless others as well.

The code that runs in the browser is our second category of mobile malicious code. Usually, after exploiting a browser, the bad guys push a file dropper application on the vulnerable system. A file dropper, as its name implies, lets the attacker drop additional files -- usually more spyware -- onto a system, where the malicious files are eventually extracted and run. With a fully functional file dropper, the attacker can update his...

or her spyware on a regular basis, staying ahead of the antispyware and antivirus signature checks. The file dropper's payload may feature a bot, a remotely controllable agent that gives the attacker full control over machines. The file dropper can also install a keystroke logger on the machine, which gathers the victim's keystrokes and sends them to the attacker, who then might try to harvest passwords, account numbers and credit card numbers from the keystrokes of the victim machine.

How can you cope with this onslaught? Up-to-date antivirus and antispyware tools are critical, especially ones that support heuristic defenses. Even though many browser exploits are in the wild before solid fixes are available, it's still important to keep your system patched.

More information:

  • In today's enterprise, file format vulnerabilities are quickly taking center stage. Read more about it here.
  • So, you think you know mobile spyware? Sandra Kay Miller reveals some common misconceptions.
  • This was first published in March 2007

    Dig deeper on Handheld and Mobile Device Security Best Practices

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close