I’ve said it before, and I’ll say it again: The more your smartphone becomes a PC, the more viruses and malware will be a problem to phones.

And I don’t just mean this in my vain hope that at some point an x86 SoC will turn the phone into the next shrink in portable computing, able to run every same program that your PC can as if the phone really were a PC … because it finally is.

I mean it literally, the more your phone can do, and the larger the target “market” becomes, the more likely someone is going to write a virus for it.

And now I have McAfee backing me up. (Warning! Sadly, with a PDF file, almost as though McAfee doesn’t even understand security at all…)

So for those of you disinclined to trust opening any PDF file (and I certainly wouldn’t blame you), or for those too lazy to read through all of that gobbledy-gook, what does McAfee have to say then?

Basically it’s simple: Now that smartphones are so easily capable of mass-emailing on networks with decent speed and lots of data, they make great spam zombies. Android, by merit simply of having he largest market share, is the biggest smartphone/tablet target. But don’t by any means declare your Apple iOS device safe just because it isn’t as likely to be targeted for having a smaller market share. Being in a smaller market share isn’t a replacement for real security. Just ask Apple Macintosh owners who have to put up with real security threats, even if Macs aren’t nearly so common as Windows PCs.

Basically, no matter what your device is, be it phone, tablet, laptop, or desktop computer, if the bugger connects to Ye Olde Interwebs in any way, you need security software. Antivirus and firewall at the very basic, but thorough anti-malware packages if you please.

According to Vincent Weafer, Senior Vice President of McAfee Labs, “Attacks that we’ve traditionally seen on PCs are now making their way to other devices.”

No s___, Sherlock! You heard it there last. McAfee VP of Obviousness has made the connection.

Granted, one could possibly try to argue that this being McAfee writing up that report, of course they’re going to say be afraid and buy more software. Especially from McAfee.

But frankly, regardless of the mouthpiece for better security, only an idiot can think that their internet-enabled device is safe without any security software to protect it.

I mean seriously. If you surf, you’re at risk. Period. The internet may have many great things about it, but it is also a cesspool of viruses. Anything that can access the internet is at risk of infection. There’s no such thing as inherently “safe”.

Besides the common trend of spam botnets to make a little cash, since any internet-enabled device can be taken over to send out loads of spam to people, there’s also an increase in the trend of data-jacking, AKA “ransomware”. Hackers are all too happy to use software to hold your pictures, songs, movies, documents and files hostage until you pay them. (If they even bother to release your data at all after you pay them. And if they don’t use your payment as the beginnings to the means to try to drain your bank account dry.) And that’s just the hackers trying to make a buck. There are also always those that just want to hurt the world.

I know that you don’t think of your phone as a computer. It doesn’t sit on a desk. You don’t have a keyboard and mouse. (Okay, maybe you might have a keyboard of some kind.) You don’t sit down to use it. There’s no big Microsoft Windows logo. It’s not a computer.

Except that it is.

Inside of your phone is a processor and memory. Your phone runs an operating system. Your phone can install software. Your phone connects to the internet. Think about it. It IS a computer. It’s just a very tiny computer. Just like desktop computers became laptops and laptops became netbooks, just keep following that shrinking train, netbooks became tablets and tablets became phones. (Figuratively. A literal technical path would be a lot more confusing.)

So these days, have phone, have target for hackers.

It’s that simple.

And as a side note, so far, phone security software sucks. Yes, I said it. It’s like any nascent software. The first few versions just don’t have what it takes. There’s a learning curve: what’s needed, what can be done, how to do it, etc. So far security on phones and tablets is just plain crap. Anything is better than nothing, but let’s face it, computers aren’t even 100% safe and we’ve had all this time to get that right. This whole security on phones idea is new, and so phones just aren’t even close to as secure. And we keep adding more entry points. There’s your phone/data network. There’s Wi-Fi. There’s Bluetooth. And now there’s even NFC. No one is safe. There’s no platform that is inherently secure. (In fact, Apple iOS and Google Android both have alarmingly poor security concepts.) At absolute best you’re just not in someone’s sights … yet.

But as even McAfee now admits, the proof is now real infections, not just theoretical “coulds” and “shoulds”. Hackers are out there, doing what they’ve always done since the dawn of computers. And your phone is now a computer. Whether you knew it or not doesn’t make it any less a target for hackers. So don’t hide your head in the sand and hope for the best. Be proactive. Secure your phone. Secure your tablet. And tell your friends and family to do so too. They’re not just people you love, they’re also potential sources of infections that you interact with frequently. Do it for them. Do it for you.

In the world of computer viruses and hacking, we tend to think in terms of computers.  There is however a new threat emerging as our other devices become more and more capable of processing power and performing the same tasks as computers.  This is especially true of today’s smart phones.

So it comes as no surprise really, and yet at the same time as a considerable surprise, that we’ve now seen an attack on Symbian smartphones.

According to NetQin, mobile security experts, the Symbian S60 3rd and 5th generation operating systems have been targeted, infecting approximately 100,000 mobile phones with a virus that turns these smart phones into mass mailing zombies in a mobile botnet.

Right now the virus is disguising itself in hot topics such as the World Cup, which worldwide is an easy mark.  It has also been seen however with subjects such as the “most popular blind date TV show.”  So don’t expect it to be so easy to spot.

In fact it’s quite devious in that after it sends its virus emails and SMS texts with URLs linking to malicious websites that infect your Symbian smartphone, it then deletes the sent emails from your mail folders and texts from your SMS log, quite possibly leaving you unaware that any virus-ridden spam had been sent from your device to all of your stored contacts and phone numbers.

Which would explain how it is managing to spread so efficiently in spite of the narrow scope of devices the virus targets.

The NetQin team is, of course, working with mobile operators to block the malicious URLs and prevent the spread of this smartphone virus infection.

Now you just have to do your part.  Antivirus updates and being aware are, of course, suggested.  Now that your phone is capable of doing things that you used to need a PC for, you’re going to be suffering the same security threats as PCs do.  Welcome to the new mobile world.

Apple Macintosh computers have long gone unnoticed in the computer security world.  Mainly because hackers have rarely targeted them.  Why target a system with such a small market share when there’s Windows to exploit?  But lately the Mac is making headway in the war against Windows, and black hats have taken notice.

Bundled in with illegal downloads of things like Apple’s iWork 09 productivity suite and Adobe’s Photoshop CS4 from warez websites have come something new: A Macintosh-specific trojan horse virus.  And not just any virus, but a complex and elegant botnet.  Otherwise known as OSX.Trojan.iServices.A and OSX.Trojan.iServices.B, just iServices.A and iServices.B, or just generally grouped as OSX.Iservice, this botnet trojan is no simple bang-out from your average script kiddie.  It has its own peer-to-peer (p2p) engine, it has startup and encryption services, and it is designed around a highly adaptable structure.  In other words, it’s everything a dangerous virus should be.  And the botnet of zombie-Macs infested with this virus is already launching Denial of Service (DoS) attacks, just like you’d expect from a PC.

“The code indicates that, wherever possible, the author tried to use the most flexible and extendible approach when creating it – and therefore we would not be surprised to see a new, modified variant in the near future,” say virus researchers Mario Ballano Barcena and Alfredo Pesoli.  To which they add, “With malware authors showing an increasing interest in the Mac platform, we believe that more advanced [user interface] spoofing tricks may be seen in the future.”

I’ve been warning about it for a long time.  As Macs regain popularity (especially in light of the world disgruntled with Windows Vista) the “safety” of the Apple Macintosh is a thing of the past.  The only reason Macs traditionally haven’t been riddled with viruses like PCs have is because Macs are a niche market.  But as their market share grows, so too does the big bullseye on them.  We’ve been seeing more viruses hitting Macintoshes lately, and now we’ve seen the first true in-the-field Mac zombie botnet.  Mac security may never be the same again.  The curtain has been pulled, and we’ve found The Wizard to be nothing more than the same hackable software of everyone else.