“The discovery, reported by John Hering of the Lookout security firm, was covered in a report by Reuters, which inaccurately described the malware a ‘virus’ and misleadingly referred to the exploit as being orchestrated by ‘hackers,'” McLean reports. “In reality, the malware was simply the product of malicious mobile software developers who misrepresented their work as safe, and distributed it through ‘sites that provide legitimate software for mobile devices.'”
“The fraudulent mobile software for Microsoft’s smartphone platform punctuates the warnings Apple has been sounding about security-free software distribution, and underlines why the company has maintained a strict policy that forces iPhone mobile developers to get their work approved by and cryptographically signed for distribution by Apple itself,” McLean reports. “Critics have chafed at Apple’s secure software signing model and have praised Google’s alternative Android model, which enables users to download software from any source, without any security model in place, at their own risk.”
McLean reports, “The appearance of malware on Windows Mobile is particularly interesting because the motivation of this assault was entirely financial. That being the case, the fact that the malicious developers targeted Windows Mobile, which is almost entirely limited to the US and now trails Symbian (42%), RIM (21%), and Apple’s iPhone OS (15%) in market share (9% over the last year), throws decades of Windows-based punditry on its head because ‘malicious hackers’ supposedly only target the largest platform.”
Read more in the full article here.
MacDailyNews Take: Security via obscurity disproven yet again. For further reading, please see: Unlike proactive Apple, reactive Google doesn’t block malware from Android app store – June 04, 2010