Find news and information about the latest advances in technology, news and multimedia on the Internet, telecommunications, wireless devices & applications, electronics, smartphones, tablets, ultrabooks, computers, e-mail and the Web.

As mobile malware increases at break-neck speed, the U.S. government wants to be sure users are aware of its dangers. The Internet Crime Complaint Center (IC3), which is a government task force that includes the FBI, issued a mobile malware warning on Friday.

“The IC3 has been made aware of various malware attacking Android operating systems for mobile devices,” the warning said. “Some of the latest known versions of this type of malware are Loozfon and FinFisher.”

The IC3 said that Loozfon lures its victims by sending them e-mails with links promising “a profitable payday just for sending out email,” then embeds itself onto the phone when the link is clicked. This malware steals information from users. FinFisher, on the other hand, is spyware and can take over the components of a smartphone. According to the IC3, this malware is also installed via a bogus e-mail link or text message.

While Loozfon is a threat to U.S. users, it’s a bigger problem in Japan, according to The Next Web; and FinFisher attacks not only Android devices but also devises running iOS, BlackBerry, Symbian, and Windows Mobile as well.

Security reports over the last year have shown that mobile malware is on the rise. According to a report by McAfee last month, malware is multiplying at a faster pace now than any other time in the last four years. Android tends to be cybercriminals’ favorite target and users are getting an increasing mix of SMS-sending malware, mobile botnets, spyware, and destructive Trojans.

Google is aware of this and new features on its latest Android mobile OS — Jelly Bean 4.1 — aim to beef up the system’s securityover past OS iterations. With Jelly Bean’s design, Google hopes to defend against hacks that install viruses, along with other malware.

Despite this, mobile users are still concerned about malware leeching their private and personal information. According to a recent Pew survey, over half of U.S. mobile users are paranoid about their privacy and have either uninstalled or refused to install apps for this reason.

The IC3 outlines some tips for users to protect their mobile devices, which include operating system encryption, passcode protection, malware protection, making sure apps are from trusted sources, being aware of apps that geolocate, and avoiding connecting to unknown wireless networks.

In short, the IC3 says, “Use the same precautions on your mobile phone as you would on your computer when using the Internet.”


The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher. Loozfon is an information-stealing piece of malware. Criminals use different variants to lure the victims. One version is a work-at-home opportunity that promises a profitable payday just for sending out email. A link within these advertisements leads to a website that is designed to push Loozfon on the user’s device. The malicious application steals contact details from the user’s address book and the infected device’s phone number.

FinFisher is a spyware capable of taking over the components of a mobile device. When installed the mobile device can be remotely controlled and monitored no matter where the Target is located. FinFisher can be easily transmitted to a Smartphone when the user visits a specific web link or opens a text message masquerading as a system update.

Loozfon and FinFisher are just two examples of malware used by criminals to lure users into compromising their devices.

Safety tips to protect your mobile device:

  • When purchasing a Smartphone, know the features of the device, including the default settings. Turn off features of the device not needed to minimize the attack surface of the device.
  • Depending on the type of phone, the operating system may have encryption available. This can be used to protect the user’s personal data in the case of loss or theft.
  • With the growth of the application market for mobile devices, users should look at the reviews of the developer/company who published the application.
  • Review and understand the permissions you are giving when you download applications.
  • Passcode protect your mobile device. This is the first layer of physical security to protect the contents of the device. In conjunction with the passcode, enable the screen lock feature after a few minutes of inactivity.
  • Obtain malware protection for your mobile device. Look for applications that specialize in antivirus or file integrity that helps protect your device from rogue applications and malware.
  • Be aware of applications that enable Geo-location. The application will track the user’s location anywhere. This application can be used for marketing, but can be used by malicious actors raising concerns of assisting a possible stalker and/or burglaries.
  • Jailbreak or rooting is used to remove certain restrictions imposed by the device manufacturer or cell phone carrier. This allows the user nearly unregulated control over what programs can be installed and how the device can be used. However, this procedure often involves exploiting significant security vulnerabilities and increases the attack surface of the device. Anytime a user, application or service runs in “unrestricted” or “system” level within an operation system, it allows any compromise to take full control of the device.
  • Do not allow your device to connect to unknown wireless networks. These networks could be rogue access points that capture information passed between your device and a legitimate server.
  • If you decide to sell your device or trade it in, make sure you wipe the device (reset it to factory default) to avoid leaving personal data on the device.
  • Smartphones require updates to run applications and firmware. If users neglect this it increases the risk of having their device hacked or compromised.
  • Avoid clicking on or otherwise downloading software or links from unknown sources.
  • Use the same precautions on your mobile phone as you would on your computer when using the Internet.


This article was previously published at


Comments on: "FBI: Various malware attacking Android operating systems" (2)

  1. I rarely comment, but after reading a great deal of comments on FBI: Various malware attacking Android operating systems
    Technology Buzz. I do have 2 questions for you if it’s allright. Is it simply me or do some of the remarks look like they are written by brain dead visitors? 😛 And, if you are posting on other places, I would like to follow you. Would you make a list of the complete urls of all your public pages like your linkedin profile, Facebook page or twitter feed?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

Tag Cloud

%d bloggers like this: