Design and research work “Mobile viruses - myth or threat. "Mobile viruses: myth or threat?" Memo “how to protect yourself from mobile viruses”

Author of the article for a long time treated the problem of the existence of mobile viruses with a fair amount of skepticism - until an ordinary middle-class mobile phone infected with an unknown virus fell into his hands. Nokia 6085 was infected from a smartphone via Bluetooth(the malware was copied under the guise of a game). The phone's operation was extremely unstable. When I tried to remove the virus through the menu, the mobile phone froze. It was possible to cure the phone by connecting it to and deleting the infected file using a file manager File manager Nokia PC Suite. Not a single antivirus - with the latest databases! - I couldn’t identify...

***

Some terminology

First, let’s define virus terminology: we will call mobile viruses viruses for mobile phones (both simple and advanced ones).

Secondly, let's define hardware terminology. All mobile phones can be divided into 2 types:

1) phones using an operating system (advanced and sophisticated - smartphones, communicators);

2) phones running firmware.

The main operating systems for advanced mobile phones: Symbian(currently occupies a dominant position in the market) and Windows Mobile.

Firmware- This program, work manager phone, but “sewn” into the phone itself. Each mobile phone manufacturer creates its own firmware for specific models (thus predetermining the functionality of the phone).

The operating system allows downloading and running programs on the phone, and in the firmware such an opportunity appeared only with the advent of J2ME.

***

What's happened

J2ME – Java 2 Micro Edition is a version of a popular programming language Java(created Sun Microsystems), designed to run applications written in the language Java, on devices consumer electronics, for example, mobile phones, personal organizers, digital television receivers, etc. The basis J2ME is the so-called , capable of executing language bytecode Java(i.e. it is an environment for executing applications).

Virtual machine Java, adapted specifically for phones, is so compact in size, and, most importantly, is considered safe that almost all phone manufacturers try to provide support in their firmware J2ME.

***

The history of mobile viruses

Talk about the imminent appearance of viruses for mobile phones began in the late 90s. XX century (then smartphones appeared on the market).

In June 2000, a program appeared in Spain that can be considered the first virus for mobile phones. got a name Timofonica(console " timo"translated into Russian means “fraud”, “swindle”), which sounded very much like the name of the largest Pyrenean telecommunications giant Telefonica. The virus was sent from the infected SMS-messages to local operator phones MoviStar, providing services in standard GSM. These messages contained only one line per Spanish: “Information for you: Telefonica he’s cheating you!”

Russian mobile phone users Timofonica not affected. To be precise, call Timofonica mobile virus cannot, because it was based on and distributed via email. It no longer had any effect on mobile phones.

In August 2000, subscribers of the Japanese operator were alarmed NTT DoCoMo. The reason lay in strange behavior their mobile phones equipped with service support i-mode(quick access to entertainment resources Global network). At the moment when one of the typical online-voting using wap-service, when answering one of the questions, the handsets of all owners participating in the quiz began to call the local police phone, which led to a significant network overload.

In total, more than 400 empty calls were recorded. During the investigation of the incident, it turned out that all subscribers' phones NTT DoCoMo, supporting i-mode, the operator has sewn in “ ”, allowing access to the device. It was not possible to find out why the calls were made specifically to the police number. The incident was forgotten over time...

At the end of 2003, in an interview with an online magazine, Kaspersky stated: “There are no viruses for mobile phones and are unlikely to appear. Regular mobile phones have never been threatened by malware and are unlikely to be threatened in the future. Java– a well-protected environment, completely unpromising from the point of view of virus writers. Minor flaws are quickly patched up, and there is no reason to worry. What we mistakenly call "phone viruses" are actually consequences of incorrect processing certain commands. Indeed, one can recall the famous “Siemens killer”, from which more than a dozen users of 35 series handsets suffered: when trying to open SMS- a message with one cleverly worded word, the phone hung hopelessly (I know the word, but I won’t say it!). The only thing that saved me was the reshuffle SIM-cards into any other device that allows you to erase a message without opening it. The situation with smartphones is ambiguous. For malicious code to spread widely, a particular smartphone device must be very popular and at the same time have holes in its protection. For now, it is much more dangerous to download an infected file to a smartphone, which can later be transferred to a work one, bypassing anti-virus monitors and firewalls. However, in the future, an infection adapted for smartphones may well appear - why not? If a disease appears, a cure will appear...”

June 14, 2004 to: Email Kaspersky Lab received a letter from a well-known collector of computer viruses, closely associated with some virus authors, a Spaniard VirusBuster. The letter contained a file named caribe.sis. A quick analysis of the file showed that the file is an application for the operating system Symbian and at the same time an installer archive containing other files.

Within a few hours, analysts were able to figure out what kind of file it was: it was a worm for mobile phones, sending itself through Bluetooth. The conclusions were fully confirmed the next day, when analysts tested the performance of the worm on a phone. Nokia N-Gage equipped with an operating system Symbian.

The worm was created by a person known by the pseudonym Vallez. He lives in France and at that moment was part of the virus writing group 29A. This group aimed to create new, conceptual viruses for non-standard operating systems and applications. Its participants seemed to demonstrate to antivirus companies and other virus writers that new attack vectors exist.

This time the goal was to create malware for smartphones. A non-standard method was also chosen to reproduce the worm. Worms typically spread via email, and it would be logical to expect Cabir the same way of sending yourself. Moreover, one of the main functions of smartphones is the ability to work with the Internet and e-mail. However, the author of the worm chose a different method - the protocol Bluetooth. This became the second key point of the idea.

Virus Cabir immediately after landing on someone’s smartphone, it begins to constantly scan the airwaves in order to find more and more new victims. Apart from banal self-reproduction, there is no danger for smartphones Cabir does not bear any consequences, except for increasing the rate of battery discharge due to the active use of technology Bluetooth.

When a potential “client” is detected, the infected device sends it a file caribe.sis volume 15 kbytes. For the victim, it looks like this: an offer to accept a certain letter appears on the screen, and if the user agrees, a file with a virus is sent to his phone, after which the system asks permission to install a program called Caribe. If the answer to this question is yes, the worm is installed into the system, copying itself into several directories at once to be sure.

This was the beginning of mobile virus writing.

A Finnish company was one of the first to pay attention to the problem of mobile viruses. F-Secure and Kaspersky Lab.

According to various estimates, about 50,000 mobile viruses are currently known. Discrepancies in the number and names of mobile viruses are determined different approaches to classification by different antivirus companies.

Despite the relative abundance of mobile viruses, there are still few truly dangerous ones among them.

***

Main types of mobile viruses:

Worms spreading through specific protocols and services;

Vandal Trojans that use bugs to install themselves into the system;

Trojans aimed at causing financial damage to the user.

Worms are the most dangerous. Worms are self-propagating viruses; they can cause a very rapid infection of a large number of systems, disrupting the functionality of mobile network or by turning it into a distributed network controlled by an attacker (“zombie” network).

A short list of “mobile” viruses:

Cabir- transmitted by Bluetooth. Sends out its copies to all available Bluetooth- connections, which is why the “smart” can “slow down”.

Cardtrap- Trojan Installs various Trojan programs on the phone's memory card to Win32-systems

Comwar– worm. Distributed as MMS, has become the most common malicious code in MMS-traffic.

Flexispy- the first fully functional spy, which its creators sold on their website for $50: it establishes total control over the smartphone and sends information to the attacker about calls made and sent SMS.

Cxover– the first cross-platform virus. When it starts, it checks what kind of operating system it is. Launched on looking for available via ActiveSync mobile devices. The virus then copies itself via ActiveSync to the found device. Having got into the phone (or), the virus then tries to do the reverse procedure - copy itself to. In addition, it can delete user files on a mobile device.

Mobler.a– a cross-platform worm capable of functioning on operating systems Symbian And Windows. Copies itself from the phone to and back.

WinCE4.Duts. Amazes pocket computers on the base Windows CE. Doesn't pose any particular danger. It is believed that its creation was simply proof of the possibility of the existence of viruses for PDA.

Trojan-SMS.J2ME.RedBrowser– a Trojan that can infect almost anything existing models mobile phones (including regular mobile phones!).

Wesber- Trojan Maybe with the help SMS steal from a subscriber's mobile account. It is the second Trojan that can function not only on smartphones, but also on almost any modern mobile phone due to the fact that it is written for the platform Java (J2ME).

Worm.SymbOS.StealWar- spy Pbstealer and the worm Comwar. Author StealWar combined them in one module, and the result was a worm that has features of both of its “parents” (stealing data address book and sending himself through MMS).

Metal Gear Solid- disguises itself as installation file games, after activation, searches for and disables antivirus programs.

Commwarrior – MMS-worm. Distributed through MMS And Bluetooth. Sends out MMS-messages without the owner’s knowledge. The battery drains quickly.

Skulls. Replaces everything standard icons in the menu with a stylized image of a skull and crossbones. It becomes impossible to open applications using icons. Distributed as Extreme theme.sis.

icons v.1.00. Changes original icons to “broken” ones.

Ozicom. After installation, the icons change, all the inscriptions under them are in Hebrew.

Doomboot-A– disguised as a game DOOM 2.

Lasco– implements its code in everything sis-files installed on the “smart”. Its creators took as a basis Cabir and added a file infection function to it. For now it is considered a collection virus (i.e. it is not widely distributed and does not cause much harm).

***

Problems of protection against mobile viruses

Appearance of a Trojan in February 2006 RedBrowser came as an unpleasant surprise. For the first time, ordinary mobile phones became the target of infection, and the platform, which was considered safe, J2ME, can no longer be considered as such.

Now not only smartphones are under threat, but also regular phones that use applications written in the language JAVA, and having access to the Internet. “90% of new mobile phone models fall under these parameters,” says Gostev, leading virus analyst at Kaspersky Lab. – In the future, this can even lead to serious disruptions in work mobile operators. If such viruses become widespread, the work of any company providing services mobile communications, can be paralyzed within 15 minutes."

The main problem is that when direct connection You cannot use security measures from your phone to the Internet. And if you can install anti-virus programs on smartphones, then RAM regular mobile phones do not allow this.

The widespread use of mobile viruses greatly contributes to the spread of Bluetooth And MMS(if basic safety rules are not followed).

There was a case in the USA when mobile phones Nokia 6600 with included Bluetooth, displayed in a store window in the Californian city of Santa Monica, became infected with the virus Cabir from mobile phones of people passing by.

***

Antiviruses

Antivirus companies have already begun releasing versions of their programs to protect smartphones: Symantec Client Security for smartphones Nokia, Kaspersky Security For PDA, Kaspersky Anti-Virus For Symbian OS, KAV Mobile(“Kaspersky Lab”), WinMobile, Trend Micro Mobile Security (Trend Micro), released their versions BitDefender And ESET, McAfee released a full-featured solution for operators and subscribers.

***

Reasons for the spread of mobile viruses:

Vulnerabilities software;

Low level of “mobile” literacy;

The attitude of mobile phone owners towards mobile viruses as a problem of the future;

Curiosity (what will happen if I run this file/game/program?);

Failure to comply with basic safety rules.

Ways a virus can enter a phone:

From another phone via Bluetooth-compound;

Through MMS-messages;

Hello, dear readers of the Mobile Home blog!

The emergence of a large number of programs that can be downloaded for free, and wide use The Internet gave a free hand to all sorts of hackers and “pests” who began to create viruses that could infect a mobile phone or smartphone. The introduced virus can produce various operations on your device, including debits from a bank account linked, for example, to your Google account.

It is quite easy to catch a virus on your phone. Any file you download from the Internet could potentially contain a malicious script. Also often attacked active users emails that opened a letter sent by the system to spam.

More precisely, what do those who create and launch viruses into the network need?

Most often they need money. Therefore, attackers try to obtain information about your bank card in any way possible, so that they can then transfer funds from your account to theirs. Once a virus gets into a phone, it does not show itself - it is controlled remotely by the owners, and only at their command will it begin to act.

A large team of professional programmers is working on ways to treat smartphones from viruses and fight them. But hackers don't sleep either. They are improving their Trojans and writing more complex codes each time. Modern viruses are capable of collecting full information about the owner of the smartphone: all personal data, photo and video materials, phone numbers, passwords in social networks. They can also block calls to your phone.

After reading the lines above, you may panic. But don’t worry ahead of time. There are ways to protect yourself from the unpleasant consequences of malware infection.

How to check your phone for viruses?

Exist special programs- antiviruses that scan the operating system and, if suspicious scripts are detected, notify you about it.

How to prevent virus infection? Experts give several practical advice, following which you can protect your device from harmful programs:

1. In no case do not enable "Developer Mode" .
2. Do not install programs from third-party sources - they should be downloaded only from official sites.
3. Follow the information that the program asks for during installation.
4. Install ANTI-VIRUS program!

The last point is key. If you want to protect yourself as much as possible, then spare no expense in purchasing a paid professional version antivirus software.

What to do if your smartphone is infected?

If you know the source of the problem, you can try to remove the program that is carrying the virus (read about). If a malicious program is detected by an antivirus program, it will prompt you to remove it.

There is another treatment method - resetting to factory settings. In this case, all information will be deleted from the phone. After the reset, you should immediately install antivirus software and run diagnostics.

The virus may remain removable card memory. It is better to scan it separately at desktop computer using a proven antivirus. As you already understood, installation by professional antivirus programs with constant updating - this is the best remedy prevention. Don't neglect this!

Best regards, Sergey Chesnokov

SCIENTIFIC AND PRACTICAL CONFERENCE

CREATIVE PROJECTS AND RESEARCH WORKS

Section: computer science

Introduction page 3

1. History of mobile viruses p. 4 Current status p. 5

   Wormy Variety p.6

   Reasons for the spread of mobile viruses page 7

   Symptoms of infection page 7

   How to remove infected files page 8

   Mobile antiviruses page 8

   Conclusions page 8

References page 9

Applications p.10

Appendix 1 Results of a survey by the antivirus company McAfee p. 10

Appendix 2 Questionnaire among students p.11

Appendix 3 Results of a survey among students p.13

Appendix 4 Memo “How to protect yourself from mobile viruses” p.14

INTRODUCTION

Imagine this situation: you urgently need to make a call, you take out your mobile phone and are about to dial desired number and find out that you have no money in your account. But just a few hours ago the balance was as much as one hundred rubles! What happened? The answer is simple: a mobile virus has entered your phone...

Viruses- the trouble is extremely insidious. Any computer scientist will confirm this. It's worse when it comes to the phone. There are contacts, an account... and a bunch of other little things. If something happens to them, it will paralyze all work; the mobile phone will turn from a means of communication into a deaf-mute device.

This topic is the most relevant today, since the problem of viruses for mobile phones has existed for several years.

It seems to me that everyone is interested in learning about the current state of viruses for mobile phones.

Target: Find out whether there is a problem with viruses for mobile phones and how owners feel about this problem cell phones.

Tasks:

Conduct a literature analysis to study the problem of mobile viruses.

Find out what mobile viruses are?

Is there a real danger of getting mobile viruses on your mobile phone?

What to do if your phone gets a mobile virus?

Practical use: is to help students learn to distinguish mobile viruses and protect themselves from infecting their phone.

Methods: questionnaires, statistical data processing.

Hypothesis: It can be assumed that mobile viruses exist and they can affect the performance of mobile phones.

Results of sociological surveys.

As CyberSecurity reports, antivirus company McAfee conducted a survey among users in the US, Japan and the UK, showing that only 2.1% of phone owners had actually encountered mobile malicious codes. However, these users reported that when they caught the virus, they were completely unprepared for it. Another 11.6% of respondents said they knew people who had problems due to phone viruses. 86.3% said that they had not heard anything about mobile viruses and other threats to mobile phones.

I conducted a survey to identify awareness of viruses for mobile devices among students of MBOU ESH No. 9

Have you heard about mobile viruses?

Yes - 87, no - 1.

2. Do you know how a mobile virus penetrates a phone?

Yes - 67, no - 20.

3. Have you ever had a virus infection on your phone?

Yes - 36, no - 49,

4. Are you familiar with anti-virus programs for mobile phones?

Yes - 78, no - 6.

The survey showed:

1% - have not heard of mobile viruses

23% - do not know how a mobile virus penetrates a phone

42% - the phone was infected

7% are not familiar with antivirus programs for mobile phones

Let's look at the history of mobile viruses

The history of mobile viruses goes back a little less than ten years - quite a serious age by the standards of cellular market.

2000 - the appearance of the Timofonica program. It cannot be considered a full-fledged mobile virus, since the utility was installed on a computer and was engaged in sending SMS messages.

In 2003, in an interview, Evgeny Kaspersky even allowed himself to declare the improbability of the emergence of full-fledged mobile viruses designed to infect cell phones and smartphones.

However, in June 2004, a group of virus writers 29A developed the first real mobile virus - Cabir.

Within a short time for software platform Hundreds of different viruses were written on Symbian OS, including both worms and Trojans. Some of them posed a real danger to the normal functioning of mobile devices. The means of spreading viruses changed and improved - in addition to Bluetooth, infection occurred through MMS messages (the first such virus was ComWar, which appeared in March 2005).

A month after the Cabir virus appeared, malicious application for the WindowsMobile platform - Duts, which posed a threat to the file system of the communicator or PDA. Finally, the appearance in February 2006 of RedBrowser, the first mobile virus for phones with Java support, which dramatically increased the potential audience of infected devices.

Cross-platform viruses also appeared that spread during synchronization with a PC. If earlier viruses were written by enthusiasts, then gradually real commercial developments began to appear. It's about, in particular, about the theft of confidential information such as content telephone directory or calls made

Current state

A cell phone virus is an application that disguises itself as a game or an attractive Internet file. After the subscriber downloads it to his phone, the “subversion” begins. A mobile virus can either block a memory card or, unnoticed by the user, send SMS or MMS messages to paid numbers, it can also steal data from the address book and send it to the owner of the malicious program.

The situation for mobile viruses has become especially favorable with the widespread use of smartphones and communicators. Unlike a regular mobile phone, these devices have operating systems whose capabilities are quite sufficient to become a good environment for the spread of viruses. Bluetooth, through which viruses can spread especially quickly.

Insidious virus programs spread especially actively in crowded places: in the subway, in cinemas, at airports. A striking example is the World Cup. In huge packed stadiums, mobile viruses spread with amazing speed. Many fans have become victims of these insidious programs.

This is probably better environment for mass infection of mobile phones and smartphones. Firstly, in such conditions the virus is very easy to spread. The computer that contains the pest program simply starts sending it out via MMS or Bluetooth to all mobile phones within a radius of several meters to one kilometer. Secondly, very convenient conditions are created for deceiving subscribers. After all, to infect phones it is not enough to simply send a virus via Bluetooth. The user needs to run malware on your phone. The reaction of a person engrossed in a football match who receives a message that he has allegedly won a ticket to the next game is quite predictable. The fan, captivated by the spectacle, will probably not even sense the trick; he will press OK, and the malicious program will end up on his phone.

Wormy variety

Eat different types"infections" for mobile phones. Let's look at some of them.

Cabir worm virus

The first cell phone virus was discovered in 2004, and over time it affected 23 countries. This is the so-called computer worm, called Cabir. It infects Symbian smartphones. The virus is delivered to the handset as an SIS file, masquerading as a security management utility. The “infected” smartphone begins searching for other vulnerable devices and sends a file containing the worm to them. The virus does not destroy user data, but blocks authorized Bluetooth connections and consumes battery resources. It can spread quickly. A massive case of infection with this virus occurred in 2005 at the World Championships athletics in Helsinki. At the large stadium where the championship was held, Cabir literally set records for the speed of distribution. Fortunately, employees of the Finnish antivirus company F-Secure managed to resolve this situation. There was a special place at the stadium where phones were “cleansed” of the virus.

CommWarrior virus

In 2005, more dangerous virus called CommWarrior. This program terrorized subscribers’ smartphones for quite some time. CommWarrior attacked Symbian devices on S60 and spread via Bluetooth or MMS. The virus penetrated the handset and immediately began sending infected MMS to all contacts in the address book, as it not only disabled the device, but also undermined the financial situation of users by unauthorized sending of MMS.

Flexispy Spy Virus

In April 2010, the insidious Flexispy program was discovered, being sold over the Internet for 3,000 rubles. This is a fully functional spy that establishes total control over the smartphone and begins to regularly send its owner all the information about calls made and SMS sent.

Cross-platform Cxover virus

This is the first mobile virus that can spread across different operating systems. When launched, it detects the OS, penetrates the computer and searches for available mobile devices through ActiveSync. The virus then copies itself to the found device. Once in the smartphone, the program tries to perform the reverse procedure - copy itself to a personal computer. The virus can delete user files on a mobile device.

RedBrowser Trojan Virus

Kaspersky Lab announced that it has discovered a virus that supports JAVA platform. This is a so-called Trojan, called RedBrowser. The virus can be downloaded to the phone either from the Internet from a WAP site or via a Bluetooth connection. The Trojan disguises itself as a program that allows you to visit WAP sites without setting up a WAP connection. The virus starts sending SMS to paid mobile services(for example, to the numbers of companies that sell games, ringtones or pictures for mobile phones). The cost of one such message can reach 70 rubles, and they are sent continuously. Thus, an insidious Trojan virus can simply ruin a subscriber in a few minutes. After a virus attack, the user’s account is reset to zero, and in the case of a credit payment system, it even goes into deep minus. Kaspersky Lab notes that the virus is aimed at subscribers of the largest Russian operators mobile communications: MTS, Beeline and MegaFon.

Reasons for the spread of mobile viruses

• software vulnerabilities; low level"mobile" literacy; the attitude of mobile phone owners towards mobile viruses as a problem of the future; curiosity (what will happen if I run this file/game/program?); failure to comply with basic safety rules.

Ways a virus can enter a phone:

• from another phone via Bluetooth connection; via MMS message; from a PC (connection via Bluetooth, USB, WiFi, infrared...); via web or wap sites.

Symptoms of infection

• The appearance - after copying and installing any files (usually “games”) - of all kinds of “glitches” and “bugs”. For example: the phone freezes for no reason, any applications do not launch, it is impossible to open the Received files folder. The appearance of unknown suspicious files and icons. The mobile phone spontaneously sends SMS and MMS, quickly emptying the owner’s account. Any phone functions are blocked.

Destructive (destruction) actions of mobile viruses(one of the unwritten rules is that a virus, once controlled, can do everything in the system that a user can do!):

Unnoticeable mass mailing of SMS and MMS to the user;

Unauthorized calls to paid numbers;

Rapid depletion of a subscriber's account (as a result of calls to paid numbers and mass SMS mailings and MMS);

Destruction of user data (phone book, files, etc.);

Theft of confidential information (passwords, account numbers, etc.);

Blocking phone functions (SMS, games, camera, etc.) or the device as a whole;

Rapid battery drain;

When synchronizing the phone with a computer, a destructive code is sent to the PC;

Possibility of remote control of the device;

How to delete infected files As a rule, it is not possible to delete infected files directly from a mobile phone (regular, not smart). To remove infected files, you need to connect your mobile phone to your PC and use some file manager, for example, for Nokia phones- File manager included in Nokia PC Suite. After deleting the infected files, restart your mobile phone (turn it off and on again).
If deleting infected files does not help, you will have to reflash the phone by contacting service center. I have developed a MEMO “How to protect yourself from mobile viruses”

1. If you have an “advanced” mobile phone, use antivirus software. Be careful when installing all kinds of applications (mobile viruses are especially common in games!). If possible, before copying/installing anything to your mobile phone, check what you are going to copy/install on your desktop PC with an anti-virus monitor with the latest databases.
   Do not install unfamiliar “content” of unknown origin on your mobile phone. Don't allow launch unfamiliar programs. Don't keep Bluetooth on all the time, turn it on only when necessary (and if you have to keep Bluetooth on all the time, use Hidden mode). If someone sends you something via Bluetooth suspicious file, you can always decline his appointment! Do not download files from the Internet directly to your mobile phone. First download them to your PC, check them with an antivirus, and then install them on your mobile phone.

Mobile antiviruses

At the same time, solutions for protection against threats remain and continue to be actively developed - antiviruses today play a fairly prominent role among other mobile applications. Industry mobile antiviruses can offer whole line software to protect your cell phones. We can recall both domestic developments (KasperskyAnti-virusMobile, Dr.Web) and foreign programs, in particular, from the companies F-Secure (F-SecureMobileAnti-Virus), Symantec (NortonSmartphoneSecurity).

Conclusions:

1. Mobile viruses exist! This is no longer a myth, but a real threat!

2. Until recently, it was believed that mobile viruses, if they threaten, were only for advanced mobile phones, owners regular mobile phones there is nothing to be afraid of. Alas, this is no longer true!.. And since... The share of regular phones is at least an order of magnitude greater than the share of smartphones, there is reason to think!

3. Since cross-platform mobile viruses have already been created, adherence to any one OS does not guarantee protection against viruses.

4. The originally existing line between mobile and computer viruses has been erased. Now these devices can mutually infect each other.

5. It took computer viruses more than twenty years to become widespread. Mobile viruses have traveled this path in just two years (obviously, mobile virus writers are actively using their experience in creating and distributing computer viruses).

6. There are about 3 billion cellular subscribers in the world. Many people literally never part with their cell phones. Stored on mobile phones confidential information. It is not difficult to imagine the scale of the consequences in the event of an epidemic of mobile viruses.

Yes - 67, no - 20.

3. Have you ever had a virus infection on your phone?

Yes - 36, no - 49,

4. Are you familiar with anti-virus programs for mobile phones?

Yes - 78, no - 6.

APPENDIX 3

The result of the student survey

APPENDIX 4

Memo “How to protect yourself from mobile viruses”

THE CONCEPT OF MOBILE VIRUSES AND METHODS OF PROTECTION AGAINST THEM

Zubrovsky Gennady Borisovich

4th year student, department information security

And software engineering RGSU, Russian Federation, Moscow

Sirotsky Alexey Alexandrovich

scientific supervisor, Ph.D. tech. Sciences, Associate Professor, Head of the Department of Information Security and Software Engineering of the Russian State social university, Russian Federation, Moscow

Currently, the problem of information security is very relevant. Information as a product can be sold or bought, in connection with which we can say that it has its own value. The value can vary widely, and when we talk about information that can bring high profits, this is where the problem arises related to its protection. Speaking about protection, we can highlight two main points: the loss of the value of information or its disappearance from data storage devices. The first point is related to the negligence of the owners who have any information. The second point most often occurs due to hardware failures of the devices on which data is stored, or due to viruses that have penetrated into certain devices. In my article I want to look at threats to mobile devices and ways to protect against them.

In our age mobile technologies a person cannot imagine his life without his favorite gadget, the functionality of which depends only on desire and the size of the wallet. With the growing penetration of smartphones, millions of subscribers of telecom operators around the world are exposed to malicious software attacks, as a result of which they lose huge amounts of money. However, not all owners of these devices realize the real scale of the threats. We must remember that a smartphone is full-fledged computer which is under control operating system. The most popular platforms for these devices: Apple iOS, Google Android, Windows Phone,BlackBerry.

One of the leading mobile device platforms is Android, which is of particular interest to cybercriminals. About 97% of all existing malware samples for mobile devices are written for this platform.

Mobile virus concept

Mobile virus is small program, which is intended to interfere with the operation of a mobile device (smartphone, tablet) by recording, damaging or deleting personal data. Mobile viruses spread through communication channels (SMS/MMS, Bluetooth, Internet).

The main goal of mobile viruses, like computer viruses, is to obtain personal information, which can be sold or used for personal needs. However, compared to regular computers, the cost of damage from viruses for mobile devices can be higher. This is due to the fact that the user stores a huge amount of personal information on the phone (phone numbers, data from various accounts and mail, photos), in addition, viruses have the ability to send SMS and call paid numbers.

The first real mobile virus, Cabir, was developed on June 14, 2004, by a group of virus writers. Cabir is an application (worm), the harm from it was to send a copy of itself via Bluetooth, which leads to fast discharge device batteries. Intended for mobile devices running operating systems Symbian systems OS. It was developed to demonstrate the fundamental possibility of the existence of mobile viruses.

The Cabir virus constantly scans the airwaves in search of new victims. When a potential “client” is detected, the infected device sends it a 15 KB caribe.sis file. For the subscriber it looks like this: a proposal to accept a certain letter appears on the screen, and if the user agrees, a file with a virus is sent to his phone, after which the system asks permission to install a program called Caribe. If the answer to this question is yes, the worm is installed into the system, copying itself into several directories at once to be sure.

Directions for the development of mobile viruses

There are several directions of virus development that virus writers follow.

1. Theft of personal information

IN in this case viruses collect personal data available on the phone (contacts, passwords, account settings, for example Google Play or AppStore). All information received by the virus is sent to the attackers’ server, where it is used at their discretion. One of the most serious viruses of this kind is Android.Geinimi. Once in the system, it determines the location of the smartphone, downloads files from the Internet, reads and writes browser bookmarks, accesses contacts, makes calls, sends, reads and edits SMS messages.

2. Sending paid SMS messages and calls to the “partner number” without the owner’s knowledge

In this case, for sending a message or making a call, a significant amount of money is debited from the personal account of the phone owner. Of course, the money ends up in the hands of criminals. The most famous such threats include Android.SmsSend, as well as the long-known RedBrowser and Webster for the Java platform. They disguise themselves as various useful programs, thereby instilling trust in the user.

3. Fraud through the use of Internet banking systems

In this case, the virus allows access to mobile application to work with a bank or the corresponding website, or intercepts SMS messages transmitted to the user from Internet banking systems. In my opinion, the consequences are obvious: subscriber subscription to expensive content services or debiting amounts from bank accounts, blocking incoming SMS requests from the bank and secretly sending confirmation SMS about the transfer of funds.

Let us highlight the main reasons for the spread of mobile viruses:

· software vulnerability;

· low level of “mobile” literacy;

· the attitude of mobile phone owners towards mobile viruses as a problem of the future;

· curiosity (what will happen if I run this file/game/program);

· failure to comply with basic safety rules.

Brief overview of mobile viruses

Let's give short review mobile viruses.

Comwar is a very expensive mobile virus. It sends out its copies via MMS messages. Such a mobile virus is dangerous for your wallet only if you have connected GPRS service, because without a connection, the virus cannot send anything. It will, of course, try to do this, but each time it will be stopped by a message saying that the network connection failed, check your connection settings. However, when you always have GPRS connected, the costs will be colossal.

Commwarrior- MMS worm. Distributed via MMS and Bluetooth. Sends MMS messages without the owner's knowledge. The battery drains quickly.

Flexispy- the first fully functional spy, the price of which on the creators’ website was $50: it establishes total control over the smartphone and sends information to the attacker about calls made and SMS sent.

Fontal - this mobile virus, getting into the smartphone’s memory, changes the fonts.

Locknut - this virus replaces a certain number of smartphone files with inoperative files. As a result, after the phone is turned off (for example, when the battery is low), the firmware crashes. And all you have to do is visit the service center specialists.

Metal Gear Solid- disguises itself as a game installation file, after activation it searches for and disables anti-virus programs, after which it becomes problematic to cure the phone.

Mosquit - this virus disguises itself as a phone game, and when it starts, it starts sending out SMS messages.

Ozicom- after installation, the icons change, all the inscriptions under them are in Hebrew.

Pbstealer is a malicious application that steals your personal data (address book data) and tries to send it via Bluetooth.

Sculler - damages notebook telephone, therefore all numbers will have to be dialed manually. It quickly blocks almost all mobile functions, leaving only the ability to use voice operations. It is possible to replace all phone menu icons with your own icons (usually in the form of skulls).

Trojan-SMS.J2ME.RedBrowser- a Trojan that can infect almost all existing models of mobile phones (including regular mobile phones).

Mobile antiviruses

Now let's talk about virus protection methods. Today, most antivirus developers for personal computers began to release mobile versions of antiviruses. Problems of modern cyber threats are being solved mobile versions antiviruses "Kaspersky Lab", "Dr.Web" and others famous manufacturers antivirus software.

There are also network solutions telecom operators, allowing you to do without installing an antivirus on your smartphone. For example, the network version of MTS antivirus, when accessing the Internet from a mobile device, blocks infected web pages directly on the operator’s equipment. Thus, protection is provided at a higher hardware and software level, developed according to information security standards for large enterprises, financial and banking institutions.

Let's carry out comparative analysis five largest antivirus companies:

1. AVG Mobilation Anti-Virus Pro;

2. BitDefender Mobile Security;

3. Dr.Web Mobile Security;

4. Kaspersky Mobile Security;

5. Norton Mobile Security.

1. Call and SMS filter.

2. Antivirus.

3. Technical support.

4. Anti-theft.

Table 1.

Call filtering andSMS

Criteria		BitDefender Mobile Security	Dr.Web Mobile Security	Kaspersky Mobile Security	Norton Mobile Security
“White” / “Black” list of numbers
“White”/ “Black” list of SMS/MMS
Blocking letter numbers
Function “Always allow calls and SMS for numbers from contacts”

Table 2.

Antivirus

Criteria	AVG Mobilation Anti-Virus Pro	BitDefender Mobile Security	Dr.Web Mobile Security	Kaspersky Mobile Security	Norton Mobile Security
Antivirus monitor (real-time protection)
Scan on demand
Scheduled scanning
Scanning separate files and directories
Scan SD card when connected
Web protection (blocking access to infected sites)
Quarantine
Use of cloud technologies
Automatic update of anti-virus databases

Table 3.

Technical support

Criteria	AVG Mobilation Anti-Virus Pro	BitDefender Mobile Security	Dr.Web Mobile Security	Kaspersky Mobile Security	Norton Mobile Security
User guide
Technical support (via personal account/email)
Educational information about the product on the manufacturer's website
Phone support

Table 4.

Anti-theft

Criteria	AVG Mobilation Anti-Virus Pro	BitDefender Mobile Security	Dr.Web Mobile Security	Kaspersky Mobile Security	Norton Mobile Security
Blocking / Unblocking your phone (via website/SMS)	+ (website)	+ (website)			+ (website and SMS)
GPS search (via website/SMS)	+ (website)	+ (website)			+ (website and SMS)
Auto - blocking when changing SIM
Automatic receipt of a new phone number (by phone/email)			(To trusted numbers)	(by phone, by e-mail)
Remote deletion of all data		+ (website)
Remote deletion of selected data				+ (personal data, directories)
Deleting data after a certain number of incorrectly entered passwords			(after 10 pops)		(after 10 pops)
Remote camera shot					+ (website)
List of trusted phones			(up to 5 numbers, password reset, commands without password)		(up to 3 numbers, can reset password and perform any actions)
Remotely turn on the ringtone to find your phone	+ (website)	+ (website)
Customize text on the lock screen					+ (if blocked via the website)

From the above analysis we can conclude that the best antiviruses today are Dr.Web Mobile Security and Kaspersky Mobile Security.

The presented study showed that most antiviruses include fixed dial security components:

· anti-virus engine (scanner and monitor);

anti-theft;

· call and SMS filtering.

Conclusion

In conclusion, I would like to give a little reassurance to cellular subscribers. Experts believe that today the number of mobile viruses has not yet reached a critical point and the danger of infecting a phone is quite small compared to ordinary computer “infections.” So far, viruses for mobile phones have not yet become a real disaster. However, you should not let your guard down. After all, mobile communication technologies are developing rapidly, and along with them, naturally, viruses for cell phones are developing. Therefore, it remains to once again urge caution when handling your mobile phone- and then, for sure, the problem of mobile viruses will not pose anything terrible for you.

In conclusion, I would also like to highlight a list of rules for handling mobile devices in order to avoid the possibility of infection with viruses.

1. Use antivirus programs.

2. You need to be careful when installing all kinds of applications on your smartphone.

3. Don't keep Bluetooth on all the time, or use hidden mode.

4. Don't run unfamiliar programs.

Bibliography:

1. Protection against mobile viruses [Electronic resource] - Access mode. - URL: http://www.utro.ru/articles/ 2013/10/29/1153228.shtml (accessed November 20, 2013).

2. History of mobile viruses [Electronic resource] - Access mode. - URL: http://andromania.org/2011/02/13/mobil-nye-virusy.html (accessed November 21, 2013).

3.Mobile viruses [Electronic resource] - Access mode. - URL: http://www.ferra.ru/ru/mobile/s26687/ (accessed November 18, 2013).

4.List of mobile viruses [Electronic resource] - Access mode. - URL: http://netler.ru/pc/mobi-vir.htm (accessed November 18, 2013).

5. Comparison of anti-virus programs [Electronic resource] - Access mode. - URL: http://www.anti-malware.ru/compare (accessed November 20, 2013).

As experts and developers of antivirus programs say, mobile viruses are great accelerators: if computer viruses it took 20 years to reach full bloom; mobile “worms” crawled this way in 2-3 years.

For example, back in 2003, Evgeny Kaspersky, whose name is undoubtedly familiar to every computer owner, said that the appearance and threat from mobile viruses was very unlikely, and just two years later, the first mobile virus thundered around the world with all its might, causing a significant damage - Cabir, a worm for Symbian OS.

Now viruses have grown, improved and learned many things. In general, there is an unwritten rule among the authors of malicious software that a “correct” virus must do everything that a user can do.

Therefore, today viruses can:

• send SMS and MMS without the user noticing, especially with personal data and photos
• hack and send “cloud archives”
• make calls without the user noticing to paid numbers (in minimized window mode, silently)
• data destruction
• stealing passwords, account numbers
• fast battery drain
• sending yourself via (e-mail, WiFi, Bluetooth)
• allows the virus author to remotely control your phone

So if you downloaded a suspicious one, but cool game, or clicked on the banner “speed up your mobile phone”, “discharges quickly? pump up the battery” and so on, then be prepared for the first symptoms such as an unreasonable “freeze”, the appearance of new icons, or failure of phone functions.

What viruses, from the old ones to the newest ones, can you catch on your favorite phone?

1. Cabir- the very first and most harmless. It simply clutters everything within reach via Bluetooth with its copies, causing phones to “slow down.”

2. Cardtrap- installs Trojans on the memory card to hack Win32 systems

3.Flexispy- reads your calls and SMS and sends them to the attacker. Previously, it was even sold to all sorts of jealous people and private detectives for $50.

4. Cxover, Mobler.a- viruses that sneak into your PC through synchronization with mobile device, and then carefully clean up their tracks, removing themselves from the phone. By staying on the PC, they steal personal information.

5.Wesber- steals money from the account via SMS. The virus is distributed in the form of a file called pomoshnik.jar.

6. Metal Gear Solid- you seem to be downloading famous game, but in reality you install a virus that does not allow you to turn off the phone and disables all antiviruses

7.Commwarrior- a worm “specializing” in sending paid MMS and record-breaking battery drain

8. Skulls- replaces all application icons with skull and crossbones, preventing them from opening from the desktop

9. RedBrowser- is loaded as a setting for visiting WAP sites, and then starts sending paid SMS, downloading paid porn pictures, ringtones and other rubbish to you

10. Podec - newest virus, distributed via VKontakte. Infects Android users and signs them up paid services social network. Bypasses protective system SARTSNA, which checks whether a person or program is real, using the text recognition service Antigate.com. After installation, it begins to hide the real price of the service from the user, and also gives itself administrative rights so that it cannot be removed.

To protect your mobile phone from viruses, first of all, you need to be vigilant. Today, on a phone, just like on a PC, you can’t click on different recruiting banners and download everything that seems interesting. Anti-virus software would also be useful: for the particularly vigilant, paid Kaspersky, or free, but quite good and popular Avast or Doctor Web (versions for mobile phones).