My wife is obsessed with mobile phones. She constantly has a phone to her ear or she is texting. As we ride in the vehicle it is common for her to break from the middle of our conversations to answer one of her 5 mobiles or reply  to a text message. It is like pulling teeth to get the phones away from her…she sleeps with the phones in the bed.

As a Nurse Supervisor, our sleep is constantly broken with calls concerning schedule changes, procedural queries etc. One of her favorites is an iPhone 3G. I checked to see if her phone was jailbroken after she bought it from a co-worker.  I SSH’d into it and changed the password (Alpine). I changed all default passwords for root and mobile user. She finally got around to asking me why I was changing things in her system. I explained to her how malware can silently copy her personal data—"e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded
by any iPhone app" and send the data back to the machine running the malware.

Can my Smartphone Get a Virus?

She then asked me the daunting question, ‘Can my Smartphone get a Virus’? I told her a resounding ‘Yes’. I went on to explain how in November specific attacks on jailbroken iPhones exposed, iPhone/Privacy.A.  The malware scans for phones  on a given network with an open SSH port, then attempts to log in using the default root password that is the same on  all iPhones. Once the bad guy gains access to your system, you may be in for some serious trouble. They even had the  Optus (mobile network) worm (which originated in Australia) showing users they were vulnerable if they failed to change default passwords. This malice can give bad guys ideas to unleash a more despicable payload. Jailbroken iPhones  with default passwords are targets.

A hacker could go in your local retail store and easily install iPhone/Privacy A on a computer on display and set it  to scan all iPhones that pass within its network range…He could even install the tool on his own iPhone and use it to scan for jailbroken phones as he attends to his daily routine.

The Smartphone can either be used to spy on you or it can maliciously drain your battery, delete your personal or business information and even render certain features completely nonfunctional. Imagine your iPhone being used by a hacker as an onboard tape recorder or taking pictures without your knowledge.

Spyware Removal for Mobiles

I told her a product called VirusBarrier X5 (from Intego) has a pretty good reputation for identifying and removing the malware if it's installed on a Mac, and the tool can also be installed on a Windows or Linux PC, or even another iPhone.

Many companies have developed packages (for Smartphones) since the first known (truly malicious) code got into the wild. While jailbroken iPhone users with default root passwords need to worry about Apple locking security down on the platform, other Smartphone users have a variety of excellent choices to choose from. The Top 10 for 2010 are:

1. Kaspersky Mobile Security
2. SMobile Security Shield
3. BullGuard Mobile Antivirus
4. Norton Smartphone Security
5. F-Secure Mobile Security
6. Trend Micro Mobile Security
7. Airscanner Mobile Security Combo
8. McAfee VirusScan Mobile
9. SimWorks Anti-Virus
10. Avast! PDA

They are excellent choices for proactive protection against MMS and SMS messages, downloadable content, public Wi-Fi,  Bluetooth connections etc. They give protection over the most vulnerable smartphone features to include:

• Text messages
• Contacts
• Video
• Phone transcriptions
• Call history
• Documentation and Buffer overflows

Outbreaks can spread beyond smartphones

I told her the current generation of smartphones have mini usb connectors which usually allows the devices to be  charged. It also allows them to be plugged into a desktop computer for data syncing. Any infection present on your  smartphone could be transferred to a laptop (or desktop) and vice versa.

She is now considering proactive protection for her other phones and she is simply using the same safe computing practices one uses with their desktop:

• Keep your sensitive data safe (Security software is only as good as your last update)
• Obtain applications from trusted sources
• Be wary of email attachments, even if they come from friends
• Protect your passwords and Be careful using open Wi-Fi networks

Once a Windows computer has been infected, it's no longer your computer. There's no uninstall routine. These malware programs are dangerous. They often slow down browsing and overall PC performance, can make your system unstable, and waste huge amounts of time and money. And on top of that, hacker-type spyware easily can bypass every bit of security you have, creating horrendous security problems If you try to delete the agent's registry entries and files. You will probably find your network connections no longer functioning (because the Agent is an LSP), something that is pretty tricky to remove. The bad guys are really good.

So let's say you find malware installed and you want to get rid of it. What are you willing to pay to get your data back? Some people always believe if you pay more you get better quality. The big guys (like Best Buy) will charge you 149.99 for online support, 199.99 for in-store support and a whopping 200.00 for in-home / in-office support. This is supposed to be about average. Their Geek Squad have a retail duty to sell you as much (products) as possible, so hold on to your wallet
when you deal with them. They are highly dependent on their commercial diagnostics software. Staples has a flat $199 rate with 3 - 5 business days turn around for in home/office drop off. E-genesis' remote is $149, drop off is $199 and in home/office is $299. Across the country you can see quality at various prices:

     - Douglas Computing Technologies (of New York) has a flat rate $89 for virus or spyware  
       removal with one of the quickest turn arounds in the country. They give you service you ask
       for. (Outstanding!)
     - Best Way Computers Virus & Spyware Removal (Washington DC) is a close second at
       $89.99
     - Fixx Tech (Ohio) gives you virus and Spyware removal for $99
     - California Computer Services cost $199 (flat rate) virus and Spyware removal
     - Geek teks (#1in Nationwide Computer Repair) charges $99.29 for virus and spyware removal

Pricing seems to be relevant to your location and (I believe) the experience level of the technical support. California is going to cost more because of the economics. Everything costs more so $199 is equivalent to $99 in Ohio. If you stay away from the big retail guys, $89 - 99 is a good price. One fellow in Rocky Mount NC charges a base fee of $150 and gives additional charges for every function he performs. A $250 - 400 malware removal is not uncommon (some people believe
if they pay more, they always get a better product).

But wait a minute

For $44 to $80 I can get one of the top 5 security suites in the world to keep virus', spyware and malware out of my PC in the first place. If your tech savvy or adventurous you can go linux or spend the bucks and get you a Mac. I do most of my search on linux boxes (knoppix and ubuntu) and I have an assortment of live cd's which I use in various capacities. The bad guys can infect linux and Mac boxes but your probably safe with a live cd.

Whatever the case, there still are some who venture out onto the net naked. I generally give you about 2 minutes max. It really depends on where you are surfing. There are some who have the security up, but they neglect their updates so they may as well be naked (your security software is only as good as the last update). Which ever category you fall into, you may meet a nasty joker like Anti Virus Security Suite.

Paying for (Fake Spyware virus) Removal

This rogue anti-spyware program from the same family as Antispyware Soft and Antivirus Soft, can be a nightmare. Once installed, this fake program will display fake security alerts and state that your computer is infected with spyware, adware and other types of malware. It will disable any security you have, then it will prompt you to 'Pay' for a full version of the program to remove the infections and to make your computer more secure. Of course, that’s not true, because AV Security Suite is an infection itself and obviously won’t protect your computer from malware. If you do pay, there is nothing stopping them from reinfecting a paying customer. Additionally, they now have access to your credit card.

You can try to remove it or seek professional assistance but you need to remove is as soon as possible either manually or with an automatic removal guide. Its a corrupt Anti-Spyware program that may spread via Trojans (displaying fake security messages) and installs additional spyware on your computer. This malware can repair its files and spread or update by itself. It starts running as soon as PC is rebooted and begins its activity with fake system scanners and misleading notifications displayed. The upcoming malware attack is usually announced by AVSecuritySuite for one and only goal which is to make you purchase its useless license.

Some of this Malware acts as key-loggers, Simple Mail Transfer Protocol relays for spammers, password capturers etc. No matter what the attack or intrusion, there's some spyware that does it (or could do it) to your network. There are even dialer spyware programs that will place long-distance calls using your modem in an attempt to rack up huge call charges to 900 numbers.

If you're running a business, what might spyware be costing you? We'll start by assuming a fully loaded user salary is $85,000 per year and there are 260 working days per year. If a spyware infection involves nothing more than getting rid of it when found, and that process takes the user and the support person she works with, say, two hours to fix, then we're looking at a cost per incident of:

($85,000/260 days)*((2 people * 4 hours)/(8 hours per day)) = $326.90

In a 1,000-person organization with a spyware infection rate of 5% per month we would have some 600 cases per year for  a total cost of around $195,600. And if a dialer goes into action that could be a low figure!

What are you willing to pay to get your data back? Don't panic and pay the bad guys. Seek out your local professionals in either a retail or technical setting. If you want to save money, do a little preventive maintenance and get a security suite like Norton or Kaspersky and keep it up to date. You can either pay out now or you will pay later.