If you think it’s just your desktop computer that’s susceptible to spyware, think again. With the boom in smartphone usage over the past couple of years, and with people now conducting more commercial
transactions on their phone, smart phones are increasingly becoming a target of cyber thieves.
So, what exactly is mobile phone spyware?
Mobile phone spyware is a type of malware that records your personal information and tracks what
you do on your phone without your knowledge. While hackers used to target desktop computers in
the past, it’s more common these days for them to target mobile phones since people are spending
more time on their phones now compared with being in front of the computer. In 2017, 37.5%
of Malaysian smartphone users did their banking through their devices and this will have increased
Most smartphone users would tell you that they enter more valuable information about themselves
on their mobile phones than anywhere else! There’s so much personal information in our
smartphones because it’s accessible and we’re doing so much with it – from connecting and
engaging with people and brands, to paying bills and doing our banking. It doesn’t occur to us to
worry because we all think that mobile phones are invulnerable to virus attacks.
We don’t realise that spyware can be transferred to our phones as easily as downloading third party software and opening an infected file through your email.
Here’s how cyber criminals can breach our defences
Andrew Blaich, a researcher from mobile security company Lookout, and Eva Galperin, a cybersecurity
director from the Electronic Frontier Foundation, told attendees at the 2018 Kaspersky Security
Analyst Summit in Mexico about Dark Caracal, a sinister worldwide malware campaign that infected
thousands of mobile devices in over 20 countries.
The campaign was traced to a building in Beirut and operated by putting up an app that looked almost identical to the original. This ‘dupe’ fooled thousands of people into installing the app. Once it was in smartphones, the cyber criminals had access to all the valuable personal data in those devices.
While the App Store and Google Play Store can protect us from downloading an infected app the
masterminds behind Dark Caracal were able to prey on unsuspecting users because they imitated
trusted messaging apps like WhatsApp and Signal. They enticed users to download the apps from a
third party website called Secure Android by offering safer versions of the original.
Users were attracted because the Google Play store isn’t available in China for instance, where there are millions of active Android users.
So we’ve established that mobile phone spyware is a threat. How can we protect ourselves?
1. Don’t jailbreak your device
It’s more difficult to install malware on iOS devices simply because they’ve a closed ecosystem which
means, users can only download apps from the App Store and there are stringent checks by Apple to
ensure the apps are virus-free. Once the phone is jailbroken, it works more similarly to the Mac or
PC where the app is written directly to the hard drive and can affect the core code. The app is no
longer restricted to the stringent controls set up by the developers.