What are common kinds of mobile spyware?
When it comes to mobile spyware, there are almost too many types. Luckily, in this expert Q&A, Ed Skoudis narrows down the field and reveals how to defend against browser exploits, file droppers and keystroke loggers.
The code that runs in the browser is our second category of mobile malicious code. Usually, after exploiting a browser, the bad guys push a file dropper application on the vulnerable system. A file dropper, as its name implies, lets the attacker drop additional files -- usually more spyware -- onto a system, where the malicious files are eventually extracted and run. With a fully functional file dropper, the attacker can update his or her spyware on a regular basis, staying ahead of the antispyware and antivirus signature checks. The file dropper's payload may feature a bot, a remotely controllable agent that gives the attacker full control over machines. The file dropper can also install a keystroke logger on the machine, which gathers the victim's keystrokes and sends them to the attacker, who then might try to harvest passwords, account numbers and credit card numbers from the keystrokes of the victim machine.
How can you cope with this onslaught? Up-to-date antivirus and antispyware tools are critical, especially ones that support heuristic defenses. Even though many browser exploits are in the wild before solid fixes are available, it's still important to keep your system patched.
More information: