Denis Maslennikov Kaspersky Lab
download slides (PDF)
Everybody wonders just how much money cybercriminals who target mobile devices actually make. If this activity wasn't remotely profitable, then it almost certainly wouldn't exist. The fact that people fall victim to such attacks demonstrates that, just as in other areas, the bad guys are making extensive use of social engineering to exploit the human factor. It should also be noted that security solutions for mobile devices aren't widely used as the majority of people don't even know that mobile malware exists and is in the wild. These two factors contribute to the number of attacks on mobile devices.
Russia provides a unique environment for commercial (i.e. money-making) attacks on mobile phones and smart phones: the lack of a clear market leader in mobile operating systems, and weak legislation really help the bad guys. It's only in Russia that millions of dollars have been lost due to mobile malware, and cybercriminal groups which specialize in different areas are working closely together to make more and more money.
This presentation will examine the mobile malware most commonly used by Russian cybercriminals and explain how they profit from such activity. We will also present a number of concrete cases of infection together with an estimation of the losses caused. Finally, we will analyse the Russian legal system and consider what the future will bring if legislative changes are not introduced.