Is Drone Skyjacking The New Hijacking?

Screen Shot 2015-06-23 at 6.23.41 PM

Right now most civilian drones are owned by hobbyists for recreational use, but many companies are exploring commercial uses. Drones have already been used for shooting nature documentaries and commercials, aerial surveys on remote properties, checking on crops for farmers and even delivering pizza. They have the potential to revolutionize many aspects of our daily lives. But drones haven’t escaped the notice of cyber criminals.

Why Are Hackers Targeting Drones?

Drones can carry small payloads, which often includes a camera for transmitting wireless video back to the operator. Cyber criminals might tap into the video signal and gain access to valuable surveillance information, or simply hijack the drone to steal it and its cargo or perform other illegal activities.

It seems certain that at some point drones will be required to carry identification information. When that happens, a cyber criminal might hijack a drone to avoid identification much like a street criminal would steal a car to perform a robbery.

Even with legal drones one of the biggest security concerns is their current lack of traceability. Here in the United States, a civilian drone entered the restricted area around the White House during the early morning hours of January 27th and crashed on the lawn. Officials had no way of identifying who it belonged to or what their intentions were. The crash turned out to be an accident and the operator turned himself in the next morning, but it was a wake-up call for security experts. Other operators aren’t so benign. In the United Kingdom police have already confirmed high-tech burglars are using drones to identify houses vulnerable to break-ins.

Why Are Drones Vulnerable to Hacking Attempts?

Unlike simple remote-controlled helicopters, drones have their own computing power. Think of them as flying smartphones without the screen. They have GPS capabilities and can fly along pre-programmed paths, or the operator can manually control them from afar using WiFi signals. If a drone loses control signals from the operator it can return to a designated location on its own.

On the same day the drone crashed on the White House lawn, a cyber security expert uncovered a flaw in Parrot® drones that allowed malware to kill their engines and make them fall from the sky. If the drone is high enough, the malware can restart the engines and take control of the drone.

This isn’t the first time Parrot drones have been used in a drone hack. Two years ago, a legal hacker released instructions on how to build a Parrot drone capable of tracking down other drones and hijacking them using wireless signals. Dubbed SkyJack, the hijacker drone monitors wireless signals and targets MAC addresses registered to Parrot drones. It can force the targeted drone to disconnect from the device controlling it and connect to the hijacker’s signal.

The problem is lack of stringent security measures built into drone operating systems. Many drone models have no security or rely entirely on weak WiFi security measures. As drones become more popular and widely used, drone manufacturers must take the threat of potential drone skyjackers more seriously.

About Us

Berkeley Varitronics Systems (BVS) designs and manufactures innovative, RF analysis and wireless threat detection tools for businesses, and government organizations to manage secure facilities and maintain wireless networks.

How Do You Set Up A “No Phone Zone”?

image description

Cell phones are a modern marvel, but they can also be a tremendous problem for any organization trying to enforce security or safeguard confidential information. The effects of contraband cell phones can be tremendous. Cell phones have been used to intimidate witnesses in criminal courtrooms, break prisoners out of jail and steal classified information.

The private sector isn’t immune to the risks of smuggled cell phones. Attendees use them to record concerts. Students use them to cheat on tests. They’re also unwelcome guests in call centers, secure facilities and confidential meetings. The infamous “47 percent” quote that may have cost Republican candidate Mitt Romney the 2012 Presidential election was secretly recorded on a cell phone at a private fundraiser where phones were prohibited.

Ineffective Detection Tools

The major challenge in keeping cell phones out is they are easily concealed inside clothing and handbags. The recent mobile trend is toward larger smartphones, but feature phones are still readily available and some models are smaller than a credit card. These old-school devices are primitive compared to modern smartphones, but they are capable of sending and receiving texts, recording audio and taking pictures and video.

Conventional metal detectors can find many phones, but walkthrough units are bulky and not portable. Handheld wands are portable, but their range is limited to a few inches so an operator must sweep the detector over the subject’s entire body. Both types will alert to other metal objects.

Most cell phone detectors rely on radio frequency signals to locate devices, but they are ineffective if the phone is powered off or has the wireless antenna disabled. Fortunately, there are tools available to specifically uncover hidden cellular devices, even if they’re not transmitting

Effective Detection Tools

The BVS SentryHound is a portable cell phone detection system that scans subjects as they walk between two posts. It’s very similar to the anti-theft scanners retailers use to prevent shoplifting, but instead of security tags it detects ferromagnetic compounds inside the phone. The posts have a single row of LED lights running their entire length. When the SentryHound finds a device, it sounds an audible alert and illuminates the section of lights closest to the phone. It can also trigger an external device such as a security camera or remote alarm.

The Manta Ray is a handheld cell phone detector that also detects ferromagnetic compounds. Operators can use it to scan handbags, luggage and small parcels without opening them. Buckles and studs will not trigger false alarms.

The SentryHound and Manta Ray are ideal for temporary and permanent “no phone zones.” They allow operators to scan subjects and their possessions quickly and effectively, without labor-intensive searches or compromising the subject’s privacy and dignity.

 

About Us

Berkeley Varitronics Systems (BVS) designs and manufactures innovative, RF analysis and wireless threat detection tools for businesses, and government organizations to manage secure facilities and maintain wireless networks.

Global Governments Attempt to Peel The Onion Router

The Dark Web 07g

Tor has been embraced by lawful and unlawful users alike. It helps those who value their online privacy and dissidents who live in countries with oppressive governments, but it also provides ways for cyber criminals, terrorists and other bad guys to avoid identification. This has made breaking Tor’s anonymity a top priority for government agencies both at home and abroad.

What is Tor?

Short for The Onion Router, Tor is a network of donated servers run by volunteers around the globe. Tor works by routing traffic through a random network of computers called relays. For example, say you are located here in Maryland and want to access a web page on a server in Australia. Under normal circumstances, you type in the URL and the packets take a more-or-less direct route from your computer to the Australian server and back.

With Tor, the packets may bounce from relay to relay anywhere in the world, and at each at each step the traffic is encrypted. Each relay only knows where the packet came from and where it is going next. No single computer in the chain knows the entire route. This is what makes Tor users so difficult to identify.

In the United States:

The United States government seems to be of two minds about Tor. On one hand, Tor is a brainchild of the U.S. military. It was created to protect whistleblowers and journalists operating in restricted areas from repartitions, and in 2012, over half of the Tor Project’s revenue came from government grants.

On the other hand, the National Security Agency (NSA) has been working to unmask Tor’s users. The classified documents released by Edward Snowden in 2013 revealed the NSA has had success in separating Tor traffic from regular Internet traffic. This is due to their ability to monitor huge chunks of Internet traffic through connections to the large telecommunications companies that provide Internet access to most of the country’s population.

They have been less successful in separating one Tor user from another. Their best success has come from not from the Tor package, but from the browser it comes from. The default Tor package uses the Firefox browser, which has some vulnerabilities. Most of these vulnerabilities come from plugins like Javascript and Adobe Flash.

Most governments cannot use the NSA’s technique for separating Tor traffic from normal traffic because they lack the close ties to telecom companies or the ability to monitor large swaths of Internet activity in real time.

In Russia:

Last year the Russian Ministry of the Interior ran a contest for Russian nationals and companies with a goal of finding a workable method of de-anonymizing Tor’s users. The grand prize? A contract worth a cool 4 million rubles, equivalent to $111,000 USD. News reports indicate the contract was awarded, but the Russian government did not name the winner.

In China:

While the Chinese government has been silent on what efforts they are taking to unmask Tor users, it is known they have taken the approach of blocking access to the Tor software and public relays. The “Great Firewall of China” is capable of deep packet inspection and can identify and block non-public relays based on specific protocols unique to Tor. It is possible for Tor users in China to get around these blocks using different techniques.

What’s in Tor’s Future?

The Tor Project has a core of a small number of employees, but uses a network of volunteers and crowdsourced labor to patch vulnerabilities and keep its users anonymous. When the annual Black Hat security conference announced a panel on how to de-anonymize Tor users, the team went to work on closing the loophole before the conference even took place. It seems that for now, Tor will remain a useful tool for those who wish to keep their online activities secret, for better or worse.

About The Author:

Scott N. Schober is a Cyber Security Expert and the President and CEO of Berkeley Varitronics Systems, Inc., a 40-year-old provider of advanced wireless RF test and security solutions. Scott has overseen the development of numerous cell phone detection tools used to enforce a ‘no cell phone policy’ in correctional, law enforcement, corporate, university, military and secured government facilities.

Teachers Have New Enemy In War On Cheating

cheating_students_social_media

Back in the days before the Internet, ethically-challenged students could make a quick buck by selling copied test questions to other students who still needed to take the test. Now students are trading copied tests on the Internet using social media instead of in the hallways.

In the old days, most tests were not standardized so students in one district might take a totally different test than students just a few miles away. The few standardized tests such as the ACT and SAT were given to almost all students within just a few days.

Tests are copyrighted material, and testing companies monitor social media services like Facebook and Twitter using automated software. The software scans user comments, looking for keywords or trigger phrases. Scanning social media for advanced tests such as college admittance and professional licensing exams has been going on for a long time, but social media monitoring for K-12 tests is fairly new.

Adoption of Common Core standards has led to an increase in the number of standardized tests, and changes to the school schedule in some areas has lengthened the testing window significantly. Students in one state might be taking the same test as students in a different state with as much as a month between them. If a student who took the test early shares information about the contents and material it covers, students who take the test later have an unfair advantage.

Test Security and Privacy Concerns

Last month the test publishing company Pearson came under fire for deleting a New Jersey student’s tweet regarding a question on a Common Core test. Pearson also informed the New Jersey Department of Education (DOE), which then contacted the superintendent asking school staff to discipline the student. Parents and Common Core critics blasted the test publisher and the New Jersey DOE, accusing them of spying on students and invading their privacy.

Originally an unnamed state DOE employee indicated the deleted tweet included a link to a picture of the test, but that wasn’t the case. The student’s message did not compromise the test contents.

Pearson issued a statement defending their actions, though they did change their policies regarding matching online accounts to students. Pearson had been matching the names to school rosters, now they are giving the names to the state DOE.

Smartphones, Social Media and Test Security

Even though a cell phone was not involved in this particular incident, they do pose a significant threat to testing integrity. Students use them to cheat by looking up answers, and most smartphones come with social media apps built right in. A few snaps with a smartphone camera can compromise the entire test. Berkeley Varitronics Systems offers tools educators can use to detect and locate cell phones being used in the classroom or before they even get that far. Contact us for more information about maintaining the integrity of your testing environment.

About Us

Berkeley Varitronics Systems (BVS) designs and manufactures innovative, RF analysis and wireless threat detection tools for businesses, government and educational organizations to manage secure facilities and maintain wireless networks.

Why Healthcare Hacking Has Become Big Business

healthcare_hacker

As banks and large retailers have taken steps to harden their networks, hackers have turned their attention to healthcare providers. Just recently, Premera announced a breach that took place last year may have exposed the personal and financial data of approximately 11 million customers. Last month, the nation’s second largest health insurance company reported the information of approximately 80 million people was exposed to hackers in a breach discovered on January 29th.

There are several reasons hackers have focused their attention on healthcare companies, even though companies in the industry don’t usually handle financial transactions.

Healthcare companies keep patients’ personal and financial data. Many patients use online payment options, which means their records may have information such as bank accounts and debit/credit card numbers. Even without financial data, criminals can use personal data to commit crimes such as identity theft and insurance fraud. They can also use email addresses to target patients for phishing scams. While email addresses are easy to change, other information such as names, birth dates, physical addresses and social security numbers are much more problematic if compromised.

Healthcare companies keep and share patient records. As part of the Affordable Care Act, healthcare providers are required to maintain their records electronically and share the data with other healthcare providers. This means if a patient must visit a doctor while on a trip or sees a specialist at another facility, the new doctor can access their records and information. This is important because patients can’t always tell the new provider important details like life-threatening allergies to medications.

Sharing information has real benefits for providers and patients, but it also increases risk of exposure. Because healthcare providers share data, if a criminal uses a patient’s data to obtain prescription drugs, the false prescriptions could become a part of the patient’s record and affect a doctor’s medical decisions in the future. For example, some drugs are incompatible. If a false record shows a patient is taking a drug that is not compatible with the preferred medication, a doctor may be forced to choose a less effective alternative medication.

Healthcare companies are a soft target. Companies in the healthcare industry are more focused on regulatory compliance than security. In the wake of the ACA many small software companies sprang up offering patient record and database software. Some healthcare companies developed their own software, but many opted to purchase off-the-shelf products from these companies. Many have gone out of business or been absorbed into other software companies, leaving the healthcare provider without security updates.

Even when security problems are known and updates are available, they often go for long periods without being patched. WhiteHat Security recently revealed only 24% of known security flaws in the healthcare industry are patched at any given time. Even more troubling, the average length of time for a healthcare site to fix security problems is a whopping 158 days.

Healthcare companies must take steps to harden their networks against hackers. Security breaches can have long-lasting effects on a patient’s financial and physical health.

Learn more about healthcare and other hacking targets. Subscribe to our weekly video 2 Minute Cyber Security Briefing Podcast on iTunes or Youtube. Visit www.CyberSecurityDictionary.com for more terms and definitions.

These Are Your Must-Have Secure Mobile Messaging App Features

 

dirty_text_message

When you send a text or MMS from your phone the normal way, you can’t control what happens to the information once it leaves your device. Wireless carriers are required to save messages for a certain length of time to assist authorities in criminal investigations. The recipient can save the message indefinitely, or send it to someone else without your knowledge or permission.

That means those risqué photos, videos or texts you sent to your significant other could come back to haunt you in the future. There are web sites where people post pictures and messages of a private nature sent by their exes as a form of revenge. Relatively innocuous business-related messages could prove damaging if taken out of context later. Even if you don’t have a disgruntled ex or business partner, the recipient’s device could be lost or stolen, or their cloud accounts hacked.

Several messaging and social media apps have sprung up in response to these security concerns. But how secure are they? Let’s examine the features you should look for in a messaging app that will keep your private messages under wraps.

End-to-End Encryption

Encryption uses a public and private key to encode and decode the messages. A secure messaging app should generate and store the keys on the user’s device, not on a server. The keys should only leave the device by action of the user, such as creating a backup or transmitting them to a new device. This means that even if a company is subpoenaed or required to deliver your private messages to the authorities, they technically cannot.

In-Transit Encryption

Encryption during transmission is important because these apps use a data connection instead of the phone connection. If you or the recipient is on WiFi, the messages could be intercepted and read by a third party. The app should also encrypt stored messages, in case the device is hacked or falls into the wrong hands.

Permanent Deletion

The digital storage on a smartphone works much like a PC’s hard drive. By default when you delete something, the operating system marks the space as available, but doesn’t actually remove the data until something overwrites the space. A secure messaging app should either remove the information completely, or only store the messages in RAM. Some messaging apps automatically delete the messages once they are read or after a specific length of time.

User Friendliness

While this isn’t a security feature in itself, it’s still important. Most secure messaging apps require both parties to be using the same app. If you choose one that isn’t user-friendly, it will be difficult to convince others to join and they may not stay. If you’re choosing a messaging app for business purposes, your employees may be tempted to find their own solution and resort to easier to use but less secure apps instead.

Which Messaging App Should I Use?

Most mass market messaging apps were not designed with security in mind. Apps like Yahoo! Messenger, AIM, Google Hangouts, SnapChat and Viber encrypt messages during transit, but leave them vulnerable to being read at other points.

Of the more popular messaging apps, iMessage and FaceTime are the most secure but are limited to Apple products. On the Android exclusive side, users concerned about security can use TextSecure. Other secure messaging apps such as Cyber Dust, Silent Text and ChatSecure support both platforms.

The best way to decide which app is right for you is to ask your contacts or employees and find out if there is a secure messaging app they are already using. If they are using an app without robust privacy protection, try out a few different apps and determine which one has the features you need the most.

Learn more about texting security features. Subscribe to our weekly video 2 Minute Cyber Security Briefing Podcast on iTunes or Youtube. Visit www.CyberSecurityDictionary.com for more terms and definitions.

How Easy Is It For Hackers To Jack The Tower?

air_tower_hacked

Earlier this month the Government Accountability Office issued a 46-page report outlining security vulnerabilities in critical Federal Aviation Administration (FAA) systems. The report concerns the national airspace system (NAS) used to track and direct public and private aircraft. Many of these issues are common in all types of organizations, so look over the FAA’s list of shortcomings and see how many might be affecting your company.

Interconnectivity: The NAS is not connected to the Internet, but it is connected to outside networks. The report indicates there are too many unnecessary connections between the NAS and these other networks. Security shortcomings in the connected networks could open access points into the NAS, leaving it vulnerable to attack.

Passwords: The report found some servers did not have sufficiently strict password requirements. The password requirements are actually less strict than I usually recommend.The FAA’s minimum number of characters in a password is eight. For maximum security your organization should require a minimum of twelve characters. Passwords should have at least one upper and lower case letter, and should contain numbers and special characters. The passwords should also automatically expire after a certain length of time.

User Authentication: Regulations state only authorized users can have access to the system, and users should have the minimum number of permissions required to perform their duties. The investigators found users with excessive permissions and improper security documentation.

Encryption: Another alarming detail is the FAA did not always ensure sensitive data was encrypted during storage and/or transmission. The investigation found network devices supporting certain systems did not encrypt authentication data, and some systems used weak encryption to store passwords.

Auditing & Monitoring: The report also indicated the FAA did not have adequate systems in place to monitor network traffic or ensure the NAS was logging security-related events. If an attack were to occur, the administrators may not be able to detect and respond to malicious activities in time.

Patching: Investigators found the FAA did not always take steps to ensure key systems were fully patched or kept up-to-date. Some systems were missing patches dating back more than three years, and some servers supporting key systems were so old they had reached end-of-life and were no longer supported. This leaves the systems vulnerable to security loopholes and exploits that have been fixed under newer software releases.

Unlike the FAA, lives may not depend on your network security. That doesn’t mean your organization can afford to relax. Ensuring your network is hardened against hackers is an essential part of running a business.

The Hidden Privacy Upside of Net Neutrality

 

net_neutrality

On February 26th the Federal Communications Commission voted in favor of stronger net neutrality rules. The vote reclassifies both wired and wireless broadband internet service providers (ISPs) as utilities under Title II of the Communications Act of 1934. Most of the media attention has focused on the ruling barring ISPs from blocking or prioritizing internet traffic and forcing companies running services that require a lot of bandwidth to pay extra for faster speeds. While these provisions are important, the act also includes regulations that could increase consumer privacy and help unsatisfied customers file complaints against broadband service providers.

Wireless Consumer Privacy Under Current Regulations

Wireless service providers were already classified under Title II, but only for voice service. Cellular companies have long used their man-in-the-middle status to track users’ mobile browsing habits and the apps they use. Because the carrier has personal information about account holders, the device’s location data and can identify each device at the network level, they can assemble detailed demographics lists to sell to mobile advertising networks.

This allows ad companies to target consumers with a level of precision that worries consumer privacy advocates. For example, if a mobile advertiser wants to target Latino families with pets in northern Los Angeles, the carrier could probably assemble such a list based on the account and browsing information available only to them.

Wireless Consumer Privacy Under Title II

Under the new ruling, Title II Section 222 requires broadband providers to “protect the confidentiality of proprietary information” of “other telecommunications carriers, equipment manufacturers, and customers.” The law was originally written to protect consumers and businesses against AT&T’s monopoly on landline services and telephone directories.

If “proprietary information” applies to data such as user account information, browsing records and location data, carriers would be required to protect the data and could not sell it to third parties without the customer’s consent. Until now, these protections have been severely lacking. In a talk that took place in Boulder, CO on the 9th, FCC Chairman Tom Wheeler shared a story of an unnamed telecommunications carrier that put sensitive customer information on the web with no encryption or password. Anyone could find a customer’s information with just a simple Google search.[1]

Broadband Consumers Finally Get an Ally with Some Clout

Another important but often overlooked feature of the ruling allows consumers to complain about their ISP directly to the FCC. Telecommunications and cable companies have some of the lowest customer approval scores of any industry. Until now, the FCC could only take action if the complaint involved misleading or deceptive claims. Unsatisfied broadband consumers could only take other complaints to the company directly or to advocacy groups with no powers of enforcement. Title II Sections 206-209 and 216-217 allow the FCC to investigate complaints and take action if necessary.

Even though the ruling passed 3 to 2, this isn’t the end of the net neutrality debate. The FCC vote was divided on party lines and some politicians are already vowing to fight the regulations. At least one carrier has already promised a lawsuit. If the ruling is challenged, any replacement regulations should keep the consumer protection parts intact.

[1] http://www.twice.com/blog/executive-insight/fcc-chairman-wheeler-justifies-net-neutrality/55968

Billion Dollar Bank Hackers Use Old Phishing Technique

spear_phishing

Last week the internet security firm Kaspersky Lab released a report on a highly-successful group of cybercriminals who targeted banks and may have stolen up to a billion across 100 financial institutions worldwide. While Kaspersky Labs did not name the victimized organizations, the report indicates they were mostly located in China, Russia and the United States. The attacks included a lengthy reconnaissance phase, with the criminals masquerading as legitimate users for long periods of time. The FBI and Secret Service said the U.S. financial system has not been affected, so perhaps the criminals were uncovered before they could strike.[1]

The malware the cyber criminals used, opened a back door into the company’s computer networks, allowing them access to learn the organizations’ systems. It even gave the hackers the ability to monitor webcams and embedded cameras in laptops to conduct long-term observation of employees. Once the criminals were familiar with the network, they were able to steal money in a variety of different ways depending on the organization. With some banks, they manipulated ATM machines to dispense cash at predetermined times, which were then picked up by money mules. At others, they artificially inflated the balance on legitimate accounts, then transferred the money to other banks in a different country.

As sophisticated and patient as they were, the hackers relied on email spear phishing to launch the initial phase of their attack. It’s an old-school technique favored by hackers because it works.

What is Spear Phishing?

Have you ever gotten an email asking you to “verify” your bank, eBay or PayPal account? Those emails are a form of phishing. When you click on a link in the email, it takes you to a web page that looks very much like the real thing, but is run by criminals attempting to steal your information.

Spear phishing works much the same way, except the emails are targeted toward a specific person or small group of people instead of broadcast to thousands. In today’s world of social media, it’s not difficult for criminals to find the names and email addresses of people within an organization. Once they have the person’s name and email address, the criminals simply write a convincing email that supposedly came from their boss or the company CEO. They attach the malware and instruct the employee to open the attachment in the message.

In this case, some of the emails were sent from compromised employee accounts. Once the bank employee opened the attachment, the embedded malware used a vulnerability in certain versions of Microsoft Office or Microsoft Word to infect the users’ computer.

How Can You Prevent Spear Phishing in Your Organization?

Instruct employees not to open email attachments they were not expecting, no matter who the message comes from. If an employee receives an email with a suspicious attachment from someone they know, have them double-check with the supposed sender before they open it.

Always install security updates and patches to computer operating systems and the programs your organization uses as soon as possible. In many cases, your IT staff can push updates out to computers on the network remotely.

Learn more about internet scams and security. Subscribe to our weekly video 2 Minute Cyber Security Briefing Podcast on iTunes or Youtube. Visit www.CyberSecurityDictionary.com for more terms and definitions.

[1] http://uk.reuters.com/article/2015/02/18/uk-cybersecurity-banks-idUKKBN0LM26120150218

Android & PC Tie For First Place In Malware

malwaremarathon

A report published last week by Alcatel-Lucent revealed malware on mobile devices has caught up to the infection rate on traditional PCs. The report was created by the telecommunications company’s Motive Security Labs and used data compiled from fixed and mobile networks using their Motive Security Guardian software. The software is deployed in networks around the world, and monitored traffic from nearly 100 million individual devices.

The report revealed 0.68% of mobile devices were infected with some type of malware. This may not sound like much, but with 2.3 billion mobile broadband subscriptions this estimate puts the number of infected smartphones and tablets at approximately 16 million. The report notes the estimate is probably conservative due to lack of coverage in China and Russia, where mobile malware infections are higher than average.

Android Makes Up Over 99% of Mobile Malware Infections

That the Android operating system makes up most mobile malware infections should come as no surprise. Its open source environment and the ability for users to install apps from third-party sources makes it easier for cyber criminals to distribute their malware. Apple and BlackBerry mobile devices have a more restricted app environment, and Windows Phone simply lacks the numbers to make a dent.

Another part of the problem is Android devices receive updates less frequently than PCs. In the United States, most Android devices run a version of the OS that is customized for each manufacturer, model and carrier. When Google releases a new version of the stock OS, the device manufacturer must test and tweak the OS for each supported device and carrier.

Top 20 Mobile Malware Infections of 2014

The report also gave information on the top 20 malware programs installed on Android devices. Six of the top 20 list consists of spyware apps that can monitor phone calls, SMS/MMS messages and track the user’s location via GPS data. Three spots went to adware programs. The rest of the list is made up of a wide variety of malicious apps.

Some apps open back doors into the device and allow the attacker to steal data for identity theft. A few are apps that send SMS messages to premium numbers to charge users on their phone bill. Others allow attackers to use the device as a proxy for illicit internet activity. There’s even a bot app that makes the mobile device part of a botnet, a type of malware usually targeted at PCs. New on the list this year are two ransomware programs, which claim to encrypt the information on the device and attempt to extort money from the user.

Mobile Malware is Growing in Sophistication

In the past mobile malware mainly consisted of adware, but some of the malware on the list have features previously targeted exclusively toward traditional computers. As the number of mobile devices grows and the device become more powerful, they will become an increasingly attractive target for hackers.