Smartphones have become a mine of personal information, holding bank data, credit card information and addresses, making them the preferred target for cybercriminals, experts warn.
“Cybercriminals go where there is value, and they have understood that the smartphone has become the preferred terminal for online shopping and payment,” said Tanguy de Coatpont, head of the French branch of international anti-virus firm Kaspersky Lab at the Mobile World Congress in Barcelona.
Ransomware, which seizes control of computers and demands money to unblock users’ data, has already started to target smartphones.
Now the devices are also being sought after as a gateway to key information about its user, experts at the phone industry’s largest annual trade fair said.
Cybercriminals have progressed from smartphone ransomware attacks to using Trojan Horse malware that can steal the log-in credentials of mobile banking users, said Fabien Rech, the head of the French division of Intel Security.
Using the stolen credentials, thieves can then log in to the victim’s account remotely and transfer money out.
“We see more and more attacks against banking apps,” said Rech.
There was a 17 percent increase in attacks targeting banking apps last year around the world, according to Slovakian cybersecurity firm ESET.
A new crop of younger cybercriminals is more at ease with smartphones, said Russian online security specialist Eugene Kaspersky, the head of Kaspersky Lab.
“I think that old generation of cybercriminals are on personal computers, the new are those who are on mobile,” he said.
While most cyberattacks target Android, the widespread smartphone operating system developed by US Internet giant Google, Apple’s iOS system, used on iPhones and generally considered more secure, is not immune from attack either.
“Frauding iOS could be easier because you only have few devices using it,” said Avishai Shoushen, the head of Israeli mobile advertising platform ClicksMob.
Since iPhones can be connected to other Apple products, hacking into the handset can give a cybercriminal access to the data in other connected gadgets as well, said Ciaran Bradley, chief technology officer at Irish security firm Adaptive Mobile./AFP