Mobile bots and botnets
A mobile bot is a type of malware that runs automatically once installed on a mobile device without mobile antivirus software. It gains complete access to the device and its contents, and starts communicating with and receiving instructions from one or more command and control servers. Every smartphone infected is added to a network of mobile bots (mobile botnet) managed by a cybercriminal called the botmaster.
The first mobile bot infections were discovered at the beginning of 2011 with the attacks of DroidDream and Geinimi, both trojanized game apps with bot-like capabilities that compromised Android devices. There have also been mobile botnet attacks targeted at iPhones (SMS attacks), BlackBerry and Symbian devices. So no matter which operating system your smartphone runs, all these precedents are strong cases for mobile antivirus protection.
How can bots get to smartphones?
Mobile bot infections can be spread via viruses, worms and Trojans with bot capabilities:
- sent by e-mail
- embedded in seemingly legit apps – even malicious apps that pose as mobile antivirus programs – that you download
- embedded in websites that you visit while surfing the web
- in “drive-by” downloads
Over the course of weeks, thousands of smartphones can get infected and added to the mobile botnet.
What can you expect from a bot infection?
If your smartphone doesn’t have proper mobile antivirus protection, it can easily become a part of a botnet. Let’s assume it has. What can a botmaster do now?
- Disrupt or deny access to networks
- Steal credit card details, usernames, passwords etc.
- Send SMSs to premium numbers or block incoming SMSs
- Copy SMSs and the contact list stored on your smartphone to a server
- Install/remove an application
- Dial a certain phone number
- Open a web page that’s either malicious or filled with ads
In short, the botmaster can send orders to your smartphone from anywhere, at any time, and make money by exploiting it.
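Most of the capabilities listed above need permissions that an Android app has to request in its manifest, so a defender can triage an app before installing it. The sketch below is an added example, not code from the original article: the capability-to-permission mapping, the `triage` function, its threshold of three and both sample manifests are assumptions constructed for illustration, and it expects a manifest already decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping from the bot capabilities listed above to the Android
# permissions an app must request before it can perform them.
CAPABILITY_PERMISSIONS = {
    "send SMS (e.g. to premium numbers)": {"android.permission.SEND_SMS"},
    "intercept or block incoming SMS": {"android.permission.RECEIVE_SMS"},
    "copy stored SMS": {"android.permission.READ_SMS"},
    "copy contact list": {"android.permission.READ_CONTACTS"},
    "install/remove applications": {"android.permission.INSTALL_PACKAGES",
                                    "android.permission.DELETE_PACKAGES"},
    "dial a phone number": {"android.permission.CALL_PHONE"},
}
NETWORK = "android.permission.INTERNET"  # needed to reach a command and control server

# Constructed sample manifests (not taken from any real app).
SAMPLE_GAME = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.game">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
</manifest>"""
SAMPLE_TORCH = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.torch">
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

def requested_permissions(manifest_xml):
    # Collect the android:name attribute of every <uses-permission> element.
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {n for n in names if n}

def triage(manifest_xml, threshold=3):
    # Flag apps that can reach the network AND hold several bot-like capabilities.
    perms = requested_permissions(manifest_xml)
    caps = sorted(c for c, needed in CAPABILITY_PERMISSIONS.items() if perms & needed)
    network = NETWORK in perms
    return {"capabilities": caps, "network": network,
            "flagged": network and len(caps) >= threshold}

if __name__ == "__main__":
    for name, xml in (("game", SAMPLE_GAME), ("torch", SAMPLE_TORCH)):
        print(name, triage(xml))
```

A flag is a prompt for closer review, not a verdict: a legitimate messaging app requests the same permissions, so the result only matters when the app's stated purpose (a game, a flashlight) does not explain them.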
Some botmasters want more than a few mobile users’ data. After organizing an army of bots, meaning thousands of infected smartphones, they can launch an attack against an entire mobile network.