Mobile Phone Acting Funny? It Could be Malware.

The growing mobile malware scourge makes news every month. Perhaps you’re one of the lucky folks who’s never had an experience with fraud or malware, but fraudsters who make a living with it are reaching new lows these days. If your data’s being siphoned off, your privacy invaded or your money being swallowed up,  how would you know?  Here are a few things to keep an eye on.

  • Has your phone’s behavior become slow or erratic?  Does it act sluggish when performing the same functions it did rapidly in the past? Is its battery draining at a more rapid pace than usual?

If malware has entered your phone’s system, it could be performing activities in the background, such as placing unauthorized text messages to premium numbers, sending out bots that gather and transmit your contact information, or other mischief.

  • Do you notice when you’re talking on your phone that your calls get disturbed, or even dropped completely, for no apparent reason?

girlscoolclimateberkeley3Same answer.  Each form of malware has a specific task, whether it’s a bot that collects and sends out your data to a remote location, or a Trojan that opens up and releases viruses, or bots that have other specific jobs. Bad code is programmed to go to work once it’s downloaded and receives a pre-determined signal to wake up. What you could be noticing is background activities that are interfering with your phone’s normal functions.

  • Check your phone bill carefully. Are there charges for SMS messages you know you didn’t send, or are small charges appearing that you can’t explain?

Some malware has the ability to dial out text messages from your phone to “premium” numbers, which automatically charge you for the call. This can be happening repeatedly without your knowledge. This happens in the background – you don’t see or hear it happening, but you’ll see the charges on your bill – they can become very expensive if they aren’t caught early.  Small charges on your bill might indicate that your account’s being tested for viability.

As a matter of course, always check your credit card and bank statements. If you’ve downloaded malware that might have stolen your passwords or financial data, you could see your credit being used for things you never dreamed of buying.

  • Are you receiving odd SMS or voice mail messages, or have your friends asked why you’re sending them strange messages?

Some malware is designed to steal your contacts, as well as spreading spam or phishing ploys to everyone on your contact list. If someone mentions a weird email from you, get your phone scanned and protected immediately.

Before you download apps, take a moment to look up reviews, and make sure you get all your apps from reliable sources, such as Google Play. Never, ever accept a free app, and try to avoid clicking on spammy ads and offers. Educate yourself about URLs, and how to spot one that doesn’t look right. Change your password frequently and keep your geo-location features turned off when they’re not in use. Finally, don’t respond to any SMS messages, voice messages or emails from a sender with whom you’re not familiar.

Strong mobile security protection can detect and prevent any form of nasty malware that threatens your phone. With just a single download you can cross malware concerns off your list. Do it today, and relax about malware.

Women Love Smartphones

We’re not going to bore you with an effusive discussion about selfless Mothers this week. As much as we love them, mothers are women first so, instead, with all due respect to mom, we want to talk about women’s growing fondness of smartphones.

A recent survey showed women inching up past men in the smartphone-owning category. Chances are your own mom has a smartphone. Whether she’s a young stay-at-home mom, a mid-life professional or a retired grandparent, women love the conveniences afforded by smartphones.

In 2010, a UK survey showed that 63% of men owned smartphone, as opposed to women, whose ownership percentage was then 37%. Now, in 2013, that balance has changed. The same survey now shows women claiming 58% of the smartphone pie, while men follow with 42%.

Clearly, women have jumped onto the cell phone bandwagon in greater numbers as the technology became just too good to resist. Larger screens, super cameras and easy interfaces have made the smartphone a factor in women’s lives more than ever. The advances in kid-tracking apps and practical tools for just about every function of daily life have boosted women’s interest in smartphones considerably, not to mention the plethora of business and learning apps. With the huge workload most moms carry, a smartphone is a welcome addition to the family.

Do your mom a favor this Mother’s Day. If you’re far away, give her a call. If she doesn’t have a smartphone, get her one. While she lounges on the beach, arranges those roses or leisurely works on that five-course gourmet meal you’ve cooked for her, offer to do a little maintenance and checkup on her new phone, or the one she already owns.

While you’re making sure all the updates have been downloaded and her settings are all in good order, go ahead and download a strong mobile security product to keep her phone safe from malware, and to protect her privacy. She protected you for years – maybe it’s your turn. Happy Mother’s Day to the wonderful women in your life.

Catch Up With the Latest News from NQ Mobile’s Research Team

Around the globe, NQ Mobile’s team of security professionals are taking the pulse of the mobile landscape every day. They report back all the good news – like, about how we consumers are doing better at protecting our mobile devices – and sometimes they have some less-than-pleasant news to report. Unfortunately, that’s the kind of news they have for us this week.Malware discoveries by year

Our researchers are noticing an increase in skilled hackers partnering up with criminals by selling them data that they’ve stolen. In turn, cybercriminals are using the info they purchase to get access to the finances of consumers like you and me. They use tricky methods that, in the mobile business, are called “social engineering.” In simple terms, they manipulate unwitting consumers into giving up their valuable confidential information.

Tremendous growth, worldwide

Our professionals estimate that more than 10 million devices have already been infected in the first quarter of this year!  Here are some of their key findings:

  • Over 32.8 million Android devices were infected in 2012 vs. 10.8 million in 2011 – a whopping increase of over 200 percent
  • The top five markets for infected mobile devices were China (25.5%), India (19.4%), Russia (17.9%), United States (9.8%) and Saudi Arabia (9.6%)
  • 65% of malware discovered in 2012 falls into a broader category of Potentially Unwanted Programs (or PUPs). PUPs include root exploits, spyware, pervasive adware and Trojans (surveillance hacks)
  • 28% of mobile malware discovered in 2012 was designed to collect and profit from a user’s personal data
  • 7% of malware was simply designed to make a user’s device stop working (i.e., “bricking” their phones)

Our Co-CEO, Omar Khan, said “The security industry’s ‘discover-first-and-inoculate-second’ strategy is no longer enough,” said Omar Khan , Co-CEO, NQ Mobile. “We need smarter systems that can discover threats before they infect consumers as well as more education so consumers can better spot and avoid these new mobile scams.”

What we can do as consumers

The very first step we can take is to make sure we have the strongest mobile security Global infection ratesproduct available on our mobile devices. When purchasing a new phone or tablet, make this your first priority. If you already own mobile devices, take a moment to get them protected from all the viruses, scams and malware that have the potential to invade your privacy and steal your assets.

Cyber criminals get trickier every day. As consumers, we need to get ahead of them and become a cohesive force to thwart their illegal activities. Cyber crime is no joke. Don’t wait until it happens to you. No one’s exempt. Protect the privacy and well-being of your family and business as a first priority.

Read our news release for more information.

Your Mobile Phone, Spruced Up for Spring


This gallery contains 3 photos.

Spring is a beautiful time of year. Kids are playing outside, people are tending their gardens and nature‘s putting on a show.  It’s a great time for connecting with family and friends, after a long winter.  Send your friends an e-card, … Continue reading

Cross-Platform Attacks are Real

Computers and Smartphones aren’t so different.  Researchers at NQ Mobile Security Center identified and confirmed a surprising new threat that showed up last month on Google Play.

Syncing up your mobile gadgets using your PC’s USB port is routine stuff, but could an electronic infection be exchanged in the process? Apparently, yes.

Here’s how it works

Security experts discovered that a new malware was able to hijack a legitimate Android cache-cleaning app. The malware came to life when a mobile device was synchronized with a PC using the computer’s USB port. You know how when you plug something into a PC port or drive, the “auto-run” feature kicks in? This malicious app delivered a “USB AutoRun Attack.”

Here’s what it can do

This sinister variety of malware can be designed to target the Autorun.inf file in your Windows-based computer system, sending worms or Trojans across that try to load a rootkit. The worm tries to copy itself to all the PC’s drives, including removable ones such as flash drives, as well as mapped network drives. Some of these treacherous worms will also try to disable your Windows anti-virus software.

Even worse…

This type of malware is able to deliver multiple instances of something used by Windows called “svhosts.exe” files to your computer during the mobile syncing process. Through an engineered “back door” to the files, cyber criminals can gain access to a PC, and download files that steal data and capture keystrokes–-such as bank account numbers. The data is typically encrypted and sent to locations such as the Ukraine, Russia or Brazil. The virus can store its ill-gotten treasure on your phone’s SD card, or any other non-system Android folder in your mobile device’s memory.

Not surprising

If you make your living developing mobile malware, and you spend hours looking for ways to quickly and efficiently multiply your demons, it would make logical sense to design them so they are able to transmit themselves between a PC and a mobile device. It was only a matter of time. Experts call this kind of exchange a “cross-platform attack.” Makes sense.

What to do

Mobile security apps provide ongoing protection beginning before the download of apps and software. NQ Mobile Security™ detects and quarantines this malware prior to installation of the malicious files on an SD card.

Given the malware threat posed by the Autorun.inf file, here’s some info that may help:

Windows XP/Vista users:

Have you downloaded this February, 2011 Windows patch? AutoRun disabled by default”?

If not, be sure to get it at to avoid this cross-platform malware problem.

Windows 7 & 8 users

Lucky you! Microsoft fixed this issue with Windows 7 and 8, disabling the AutoRun feature by default.

A further option is detailed in our White Paper, which you can read here.

As the world’s largest mobile security provider, NQ Mobile believes families should possess the most comprehensive knowledge base on all aspects of mobile security and privacy when using Android, BlackBerry, Symbian, Windows Phone and Apple iOS devices. NQ Mobile aims to inform and educate families on the current and future threats and suggest simple methods on how to stay safe and free from unwanted charges when using a mobile device.

Join the discussion on Facebook or comment on our blog. We’d love to hear from you.

Reminders for Safer Internet Day 2013

Today, February 5, 2013 marks the 10th anniversary of Safer Internet Day, a global effort to promote a higher awareness of safer and more responsible use of online technology and mobile phones.

The good people at InSafe take this special day to remind us all to “connect with respect.” More people than ever are using mobile to connect to the Internet.  In the UK alone, 55% of teenagers consider their smartphone to be their primary screen, according to Orange Exposure 2012/2013Google Mobile Planet found that a whopping 76% of smartphone-owning adults in the UK use their mobile devices to browse the Internet. These stats reflect a pattern that’s repeating itself around the globe.

Why worry about mobile internet?

During the last quarter of 2012, NQMobile researchers detected 7 million malicious URLs, or an average of 90,000 per day. A 125% increase over Q2 numbers, this astonishing number is certain to continue climbing.

It’s increasingly important to understand how we can protect ourselves from security threats as we enjoy surfing the web on the go. As our Safer Internet Day contribution, we at NQ Mobile want to highlight the growing threat of malicious URLs.

Five ways to avoid fraudulent URLs:

1.       Double check the URL field: Just because the URL you click says one thing, it doesn’t necessarily mean that’s where it will direct you. Since it takes a bit more effort when mobile browsing to view the address you are visiting, it’s easier for a fraudulent URL to escape your notice than if you were browsing on a computer. Get into a habit of checking the address bar to be sure you’ve been taken to where you intended to go. If the web address looks odd in any way, leave the site immediately.

2.       Be wary of addresses made up of numbers: If the URL shows as, or something similar, it’s not a safe spot to be. Many inexperienced malware authors will use an IP address for their fraudulent website rather than assigning it a name. They hope that it will escape your notice. If you check the URL and see only numbers, it’s possible it’s an UNSAFE website. Get out of there!

3.       Verify the top level domain (TLD): The TLD is the extension that follows the domain name in a site’s web address.  Examples are .org, .uk, and .com. Many fraudulent websites can fool you by mimicking the URL of the legitimate site, using a slightly different TLD. For example, with a link like, the domain looks like it’s “yourtownbank,”  but it’s not – it’s actually “”  To be safe, always glance at the TLD, just to be sure you haven’t landed on a fraudulent site.

4.       Spelling counts! Scammers often rely on using URLs that look similar to legitimate ones. A common trick is to change just one letter of the legitimate domain name – a trick that escapes the notice of most consumers. For example, instead of, a false URL may be shown as Again, the difference may be slight, but the damage can be devastating. Rule of thumb: if a misspelled domain name takes you somewhere, it’s probably not a legitimate site.

5.       The “S” in “https” stands for secure: Never buy something from an insecure website. When shopping via mobile device, always look for the “https” on your domain name before entering your payment information. Most often, a secure website will have a locked padlock symbol to the left of the URL. Look for the “S” and the padlock before entering any private information.

Remember, criminals don’t expect to snag everyone with these scams, but it only takes a few to keep them in business. NQ Mobile recommends staying vigilant, and for the best protection, install a trusted security application that can safeguard against threats like malicious URLs, malware, spyware, viruses, hacking, eavesdropping, and other threats before they can turn your world upside down.

From all of us at NQ Mobile, we sincerely wish you a Happy Safer Internet Day!