Lysa Myers, director of research, West Coast Labs
Lysa Myers, director of research, West Coast Labs

Recently a friend asked me to recommend a mobile anti-malware product for him to use.

I am loath to state any one product as the best, as I firmly believe that there are different products that are best for different people's needs. There cannot and should not be one product that is all things to all computer-using people.

As he is using a platform that has seen a lot of malware development, my friend is wise to now be starting to investigate using anti-malware products. While malware on mobile devices is not yet an everyday affair like it is for Windows users, it's better to have your defenses in place before an emergency arises. All signs indicate that the day is fast approaching when these infections will be common. But security products exist today that can secure your devices and protect sensitive information.

In a previous article, I noted my surprise at how advanced mobile anti-malware products are, right out of the gate. They are not merely simple, single-purpose security products, but as broad security suites that address the specific needs of smartphone users. Developers of anti-malware products are taking what they've learned about stealthy, financially-motivated malware, and applying this to a new class of product.

Not surprisingly, malware authors are not reinventing the wheel either. Rather than going through the various stages of malware that are typical of exploring new operating systems, malware is jumping straight away to modern and sophisticated techniques.

According to a recent report by Juniper Networks, the Android application marketplace is becoming home to tactics that mirror those which are commonplace for Windows malware; specifically, techniques for getting maximum bang-for-buck when your malware may only be on a system for a short while. Other vendors' reports and anecdotal evidence also point to the surprising sophistication of mobile malware, including threats growing directly from well-known, Windows-based malware families.

The Android Market is monitored such that objectionable apps can quickly be rendered inaccessible, however not before they may have hit hundreds of users. Malware authors have countered this enforcement by pumping out large numbers of packages so that people monitoring the marketplace are playing ‘whack-a-mole,' constantly swinging away at these threats.

Once these threats are on a user's phone, it's hard to tell just how many of them stay on the device or for how long. Events from this year pushed Google to actively pull threats from affected Android devices. It's unknown if this was a one-time event, or the beginning of a standard policy.

Currently backdoor and spyware-type trojans are the threats that are most similar to Windows malware. The spyware can surreptitiously swipe the usual financially valuable data, and the backdoors are primarily useful as a way to keep downloading new components or updated versions of the malware.

Premium-rate SMS malware is also common and is something akin to porn dialers, which were common some years ago. These threats are gaining privilege escalation by utilizing vulnerabilities within the Android operating system, on devices where updates are not current.

Now is the time to get ahead of mobile malware by investigating smartphone security products.

Third-party test and reviews are becoming more plentiful, so you can stay informed on this new industry as it develops.