The FBI recently put out a mobile malware alert, providing us with a sobering reminder of this “evil software” for phones and tablets. In this particular case, the FBI was warning against the Finfisher and Loofzon malware, which spies on our data and leaks GPS positions to track our movements. While these threats appear to have been developed for government surveillance purposes, they can of course be used by any organization.
And therein lies the problem. Mobile malware affects all of us.
Unfortunately, the advice the FBI alert shared was vague and maddeningly difficult to follow. For example: “Users should look at the reviews of the developer/company who published the application” and “Turn off features of the device not needed to minimize the attack surface of the device.” Heck, I’m a security researcher, and I’m fuzzy about what all that means.