Hard to believe that it was 10 years ago when the first piece of mobile malware made its attack. According to Axelle Apvrille, senior mobile anti-virus researcher with Fortinet, the first piece of mobile malware, a worm, was called Cabir and was targeted specifically to attack the Nokia Series 60. In an article looking at the history of mobile malware posted to Mobile Security Zone, Apvrille wrote:
[I]ts attack resulted in the word “Caribe” appearing on the screen of infected phones. The worm then spread itself by seeking other devices (phones, printers, game consoles…) within close proximity by using the phone’s Bluetooth capability.
Compare that to what Aprville wrote about malware in 2013:
2013 marked the arrival of FakeDefend, the first ransomware for Android mobile phones. Disguised as an antivirus, this malware works in a similar way to the fake antivirus on PCs. It locks the phone and requires the victim to pay a ransom (in the form of an exorbitantly high antivirus subscription fee, in this case) in order to retrieve the contents of the device. However, paying the ransom does nothing to repair the phone, which must be reset to factory settings in order to restore functionality.
That first piece of mobile malware was just an experiment, really, written at a time when the use of mobile devices was in its early stages (personally, I could count on one hand the number of people I knew using BlackBerrys or PDAs in 2004). It was developed to prove that it could be done.
Today, according to Kaspersky Lab, 100,000 new individual malware variants were discovered in 2013. Cisco recently announced that 99 percent of mobile malware attacks were aimed at Android. If you are curious as to what a mobile malware attack looks like (because hopefully, it has never happened to you in real life), this video shows the installation of a Trojanized Angry Birds application and how the hacker makes the connection with the infected phone.
The development of malware on mobile devices was inevitable, of course. If it is connected to the Internet and if there is any chance of financial gain, the hackers will find a way to break into it – even if it is just to prove that it can be done.