When was the last time you deleted something from your mobile phone? For me it was just a couple of days ago when I decided I would delete the text I received from my mobile phone provider confirming my account password.

That was dangerous, but I’m safe now. At least so I thought until I read a very interesting article on the New Scientist website that described how one of their journalists went to an office in Tamworth, UK. They found that nearly everything they thought they had deleted was readily available with only a few minutes and some interesting software.

The article can be found here and is a very interesting read, if a little unnerving.

Have you seen a request to install an application that you don’t remember requesting? Or haven’t heard of?

Sexy Space sounds like an interesting idea! Let’s install it and see what happens!
‘Click yes’

Like any installed program, you have to agree to certain terms and conditions and licenses – sound genuine so far?

Even when you see the certificate details, the issuer can appear to be quite genuine!

So you go through the installation process believing you are going to get a new application that you’ve no reason to believe is not genuine.

Being aware of who the supplier is i.e. in this case, Play Boy, might begin to ring alarm bells.

When the program is installed it will be located in a protected area of your phone which can only accessed using customised software specific to that device. UMU’s Virus Analysts use FExplorer in conjunction with in house analysis tools to locate and profile suspect files. In this demonstration, the video shows the infected file running as a background process on the phone.

FExplorer is one of several file explorer applications that are available to help locate hidden files often used by malware on phones. However this is only a small part of the required analysis to stay on top of the ever evolving malware.

Use of UMU Scan anti-virus software can get rid of these nuisance files that affect your phone and return it to normal working order.

DON’T FORGET – if you didn’t request software from a genuine site – then you never asked for it – so don’t install it!

Here at UMU we are constantly trying to improve our applications by adding new features and optimising existing application components, so I am always asking our development what they are working on.

This week the head of the development team explained that they were working on an update to the engine used in the UMU Scan application. He said they were trying to improve the engine’s ability to protect against the increasing amount of malware in the wild.

I asked him to explain how they could improve the ability of the engine and was speed of operation not the main thing to improve. He laughed and explained that while speed of operation is always important in product development, expanding the engine’s abilities is also very important in order to provide the best defence against the variety of malware that is starting to surface. Ok I thought, but, what are the improvements made in this update and why should I care. He went on to explain that the more instructions our virus analysts can use, the more effective signatures can be.

Ok, I have it, more instructions means better signatures which allows better detection of malware, but I had to ask, will these extra instructions not slow the application down. He explained that, whilst adding new instructions, they have also been making improvements to how the engine applies those instructions in order to avoid any reduction in performance. He went on to say that during the recent testing of the update they noticed that the engine speed had improved by about 10%.

So there you have it. This update will be included in the next release of the UMU Scan application, which is currently due within the next week or two. I will of course keep you posted!

Malicious software, typically called ‘viruses’, ‘malware’, or ’spyware’ are programs designed to infect or damage mobile phones without the user’s informed consent. The potential for damage is great as many types of malicious software attempt to collect sensitive information such as contact names or billing information. There are several distinctive types of malicious software, all of which you should be aware of while using your phone.

A virus, the most commonly variety, spreads when an infected file is executed. Once an infected file is opened, the virus spreads to other executable programs in your phone that once executed will perform its malicious routines.

A Worm is a self-contained malicious program that actively transmits itself over the network to other mobile phone users via messaging, via Bluetooth or via memory cards. It differs from a virus in that it does not have the capability to infect programs installed in the mobile phone. It can still carry a destructive payload.

A Trojan Horse, much like a virus, is a malicious file with hidden functions. Unlike viruses and worms, it does not have the capability to spread on its own. It may arrive on the phone via other means such as downloading through untrusted sites. A Trojan Horse may give others unsolicited and unfettered access to your phone. It can also carry payloads that can range from non-destructive to destructive such as installing other malware onto your phone, sending messages without the user’s consent causing a high phone bill, overwriting installed applications, reformatting the device or locking the phone rendering it unusable.

Spyware are programs designed to pose as valid program applications without any ulterior motives. In truth, it can monitor and collect information such as device version, network provider, phonebook entries, messages being sent and received. Some of the more advanced examples can allow an attacker to listen in live to your telephone conversations, use your handset as a bugging device and even track your location.

How to avoid getting a virus?

• Have an up to date anti-virus program running at all times
• Run this program regularly and keep it updated!
• Turn off Bluetooth.
• Turn off Bluetooh. Allowing an open Bluetooth connection will make it easier for malware such as worms to propagate or get into your mobile device. This provides the first line of defense against someone who might try to access your phone without your permission.
• Make regular backups.
• Make regular backups. If you make regular copies of your personal files and store them in a safe place, you won’t lose any valuable data in the event that a destructive virus infects your phone.
• Only download from trusted web sites. If you want to download a file from a web site, make sure it is from a legitimate and reputable source. If you are uncertain, make sure you scan the file for viruses before opening it..
• Beware of email or MMS attachments. Do not open any email or MMS attachment if you do not know the sender or are unsure about it. Even if the attachment comes from a trusted source, always exercise extreme caution with file attachments. Never download or execute a file attached in an email or MMS. Always scan the files for viruses before opening them.

How do I know when I have a virus?
If your phone behaves erratically, crashes unexpectedly or if some of your programs do not work correctly, your phone may be infected by a virus. However, do not blame any phone problem on a virus! If you suspect your phone is infected, the first thing to do is run your antivirus software. The program will scan your phone and display a diagnostic.

What to do if I find a virus?

• If your antivirus program has identified a virus, it will display instructions to remove them safely from your phone. Follow the recommended solution to clean your phone.
• If the virus is in the memory of your system, you may need to perform a system recovery.
• If the virus has overwritten some files, you need to delete these files. You can only restore these files if you have previously made backups.
• Notify anyone in your address book or anyone you may have shared files with.