Validating the growing concern among enterprise data security managers regarding smartphones, NetQin Mobile recently reported that it discovered a piece of malware present on more than 20 Android applications.
The malware, dubbed BaseBridge, can be found lurking on such apps as Drag Racing, Donkey Jump, Gold Miner, QQ Doudizhu, Voice SMS and others, the mobile security firm stated.
When installed, the malware is capable of automatically dialing numbers and sending SMS messages, resulting in higher user fees and phone bills. BaseBridge can also block the phone from receiving incoming messages from the wireless carrier, which may inform the user that his or her smartphone has been infected.
The rise of smartphones – particularly those based on Google's Android – have become a growing data security concern for many businesses. While the devices can be used to increase employee productivity, they can also open a bevy of data protection vulnerabilities, including malware and data breaches.
Given Android's open sourcing licensing, it has become an attractive target for cybercriminals. According to Juniper's recent Malicious Mobile Threats report, mobile malware grew by 250 percent between 2009 and 2010. Malware specifically targeting Android-based devices has increased by 400 percent since last summer alone.
One of the most high-profile Android malware incidents occurred earlier this year when it was discovered that the DroidDream malware had been downloaded onto 260,000 devices. Google quickly removed the known threats, but a new variant of the malware, dubbed DroidDreamLight, recently surfaced, infecting between 30,000 and 120,000 users, according to estimates by Lookout Mobile Security.
As more businesses continue to support employee-owned smartphones and tablets, it is important data security managers educate owners of the threats facing these devices. Additionally, businesses can bolster data protection by addressing such devices in their corporate security policies.
