QR Codes – Are They Safe?


This gallery contains 3 photos.

Those intriguing patterned blocks  on products, signs, posters, ads, websites and hundreds of other places, are definitely here to stay.  QR Codes (Quick Response) are a technological leap beyond the old bar codes with which we’ve become so familiar the … Continue reading

Cross-Platform Attacks are Real

Computers and Smartphones aren’t so different.  Researchers at NQ Mobile Security Center identified and confirmed a surprising new threat that showed up last month on Google Play.

Syncing up your mobile gadgets using your PC’s USB port is routine stuff, but could an electronic infection be exchanged in the process? Apparently, yes.

Here’s how it works

Security experts discovered that a new malware was able to hijack a legitimate Android cache-cleaning app. The malware came to life when a mobile device was synchronized with a PC using the computer’s USB port. You know how when you plug something into a PC port or drive, the “auto-run” feature kicks in? This malicious app delivered a “USB AutoRun Attack.”

Here’s what it can do

This sinister variety of malware can be designed to target the Autorun.inf file in your Windows-based computer system, sending worms or Trojans across that try to load a rootkit. The worm tries to copy itself to all the PC’s drives, including removable ones such as flash drives, as well as mapped network drives. Some of these treacherous worms will also try to disable your Windows anti-virus software.

Even worse…

This type of malware is able to deliver multiple instances of something used by Windows called “svhosts.exe” files to your computer during the mobile syncing process. Through an engineered “back door” to the files, cyber criminals can gain access to a PC, and download files that steal data and capture keystrokes–-such as bank account numbers. The data is typically encrypted and sent to locations such as the Ukraine, Russia or Brazil. The virus can store its ill-gotten treasure on your phone’s SD card, or any other non-system Android folder in your mobile device’s memory.

Not surprising

If you make your living developing mobile malware, and you spend hours looking for ways to quickly and efficiently multiply your demons, it would make logical sense to design them so they are able to transmit themselves between a PC and a mobile device. It was only a matter of time. Experts call this kind of exchange a “cross-platform attack.” Makes sense.

What to do

Mobile security apps provide ongoing protection beginning before the download of apps and software. NQ Mobile Security™ detects and quarantines this malware prior to installation of the malicious files on an SD card.

Given the malware threat posed by the Autorun.inf file, here’s some info that may help:

Windows XP/Vista users:

Have you downloaded this February, 2011 Windows patch? AutoRun disabled by default”?

If not, be sure to get it at http://support.microsoft.com/kb/97102 to avoid this cross-platform malware problem.

Windows 7 & 8 users

Lucky you! Microsoft fixed this issue with Windows 7 and 8, disabling the AutoRun feature by default.

A further option is detailed in our White Paper, which you can read here.

As the world’s largest mobile security provider, NQ Mobile believes families should possess the most comprehensive knowledge base on all aspects of mobile security and privacy when using Android, BlackBerry, Symbian, Windows Phone and Apple iOS devices. NQ Mobile aims to inform and educate families on the current and future threats and suggest simple methods on how to stay safe and free from unwanted charges when using a mobile device.

Join the discussion on Facebook or comment on our blog. We’d love to hear from you.

New Affiliation: NQ Mobile and Phones 4u


This gallery contains 2 photos.

Read our Press Release NQ Mobile’s announced its new collaboration with Phones 4u, a major mobile retailer in the UK.  More than 600 Phones 4u retail outlets will now offer NQ Mobile Security to their customers, as we at NQ … Continue reading

Wireless + NQ = Mobile Security For More of Us

Read our press release.

More exciting news! NQ Mobile announced this week that we’ve partnered with another Verizon-authorized dealer, “Wireless,” in our ongoing efforts to get mobile security into the hands of as many smartphone users as possible.

Wireless will offer NQ Mobile Security, Vault for Android and Family Guardian at more than 80 retail locations across the country.  Shawn Cunix founded Wireless back in 2001 to provide Verizon Wireless services to central Ohio. Since then, Wireless has grown from one store to 80+ stores, with over 300 employees across the United States.

What does it mean for smartphone customers?

In our ongoing effort to educate and protect smartphone users, our new deal with Wireless will expose even more smartphone customers to the peace of mind our products provide.

“Retailers such as Wireless are essential collaborators in our efforts to protect mobile users throughout the U.S. “said Omar Khan, Co-Chief Executive Officer, NQ Mobile. “By educating their customers about the security, privacy and family mobile safety issues and offering access to solutions such as NQ Mobile’s, Wireless is taking an active role in protecting their customers vital mobile information.”

“Wireless recognizes that a safe mobile experience is essential for customers as data devices continue to increase in popularity and replace other connected devices,” said Anthony Snare, Director, Wireless.  “We are thrilled to partner with a global leader in mobile security solutions, which allows us to offer unparalleled security, privacy and family protection services for our Verizon mobile products nationwide.”

Why NQ Mobile?

NQ Mobile Guard detects and deletes viruses, malicious URLs, and other threats before a user even knows they exist. NQ Mobile’s security technology, outperformed all competitive mobile security platforms in a West Coast Labs Comparative Test. Our security technology was also a top performer in effectiveness, with a 99 percent malware detection rate, in research conducted by AV-TEST Institute, a leading international and independent service provider in the fields of IT security and anti-virus research.

NQ Mobile Vault for Android, launched earlier this year, has become a top app on Google Play with an average user rating of 4.5 out of 5 stars. The app lets consumers password- protect and encrypt photos, videos and other sensitive information on their smartphones.

Our newest product, NQ Family Guardian, is a unique parental mobile management suite for safety and monitoring. Family Guardian’s a mobile app that’s downloaded and installed on the child’s smartphone, as well as a web-based control center that’s accessible from any desktop or mobile browser.  The app’s currently available for Android devices, while the control-center is compatible with any web browser.

Twelve Smartphone Habits to Break

The NCSA makes a good point each October when they urge people to become more aware of online safety concerns.  It’s a month when we all see the message somewhere – at the workplace, our kids’ schools and on the Internet.  It’s a great wake-up call, and we at NQ Mobile fully support the idea of waking up to smarter online practices.

It’s important to remember that developing awareness of online safety may involve changing some ingrained habits. Habits aren’t always easy to break and they often don’t change overnight, just because we intend them to.

What are your bad habits?

It’s even harder to break bad habits if we’re not even aware we have them.  Explore these “bad” smartphone habits and see if a change is in order in your mobile life.

1)     I leave my phone unlocked all the time so I don’t have to log in every time I want to use it.

2)     I feel free to share all kinds of information about my family online – we have nothing to hide.

3)     I love to post photos and check in from cool locations when I’m on vacation or traveling.

4)     I snap and post photos of my friends – they should be flattered.

5)     I never update my system – it’s a hassle and the prompts are a nuisance.

6)     I use the easiest password I can think of so I don’t forget it and I use the same password for everything online — it’s easier to get things done.

7)    Sometimes I do a little texting while I’m driving.  I’m a really safe driver.

8)     I leave the geo-location features on my phone turned on in case I want to use them.

9)     I never notice the URL when I’m visiting a website.

10)  I love free stuff and I take advantage of pop-up ads whenever I want.

11)  If someone I don’t know texts me, I respond or click on links in the message.

12)  I never read permissions screens on apps – they’re boring and confusing.

Shared responsibility

NCSAM’s theme this year is individual shared responsibility for safety.  If we don’t pay attention to habits that could spread malware and jeopardize our safety, we’re contributing to the problem, not the solution.  In addition, as parents and adults, it’s simply our duty to teach kids good smartphone habits.

The Internet is a valuable resource we need to honor.  Let’s all make an effort to keep the cyber crooks and criminals at bay, and to keep ourselves, our loved ones, our finances and our privacy safe and secure.

If you see yourself in this list of not-so-great habits, make an effort to change the way you do things with your smartphone.  We all have a few extra seconds to log in again, and a little discretion is worth a lot when it comes to protecting our privacy and resources.  Let’s all get on board with NCSA and practice safe, healthy habits, and teach our kids to do the same.

Talk to us about your thoughts and opinions when it comes to smartphone safety.  We’d love to hear your comments on Facebook and Twitter!


NQ Mobile announced its discovery of a unique new app-pusher form of malware called DyPusher.  We’ve seen other “pusher” types of malware before, so what makes this one different?  A couple things.  Stay with us here – it’s not as complicated as it seems.

You won’t see an icon for it because DyPusher’s disguised in your phone as a harmless system file, and it goes into action when your system’s booted. After uploading all the info about your phone to a remote server, DyPusher downloads “JAR” files to your mobile device’s system without your consent or knowledge. (A JAR file holds a number of files and resources in one place so that app software can be distributed on the Java platform.)

The job of DyPusher’s remote server is to compare your data with a list of installations, and to respond by sending back an encrypted string, which is actually a downloaded URL. DyPusher hides the string in a shared object file, decrypts it and — presto — a new app magically downloads itself from the Internet into your mobile device. 

There’s a lot more technological trickery involved, but what does it all mean for us? It means that this malicious thug, DyPusher, will download unwanted apps from the Internet into your mobile phone’

NQ Mobile Security users are already fully protected from DyPusher and other malware threats.  If you don’t have a powerful mobile security application on your phone, we recommend that you take the following precautions to prevent any damage from DyPusher (and other threats):s system without your knowledge or consent, causing excessive battery use and data flow consumption which, in some areas, can be expensive. Even worse, the malware steals your personal information, making it a privacy threat.

  • Only download applications from trusted sources, reputable application stores, and markets. Be sure to check reviews, ratings, and developer information before you download anything.
  • Never accept application requests from unknown sources, and closely monitor permissions requested by any application. An application shouldn’t request permission to do more than what it says it will do in its privacy policy.
  • Look out for unusual behavior on your smartphone, such as your device shutting down unexpectedly or displaying constant pop-up messages.
  • Download NQ Mobile Security for Android today to make sure you’re protected against mobile malware and other privacy threats.

Have unwanted apps appeared in your Android phone?  What were they?  What did you do about them?  Share your stories with us on our blog, or post your comments on our Facebook page.