(MoneyWatch) The security industry has something of a split personality when it comes to mobile devices, especially cell phones. There are a variety of antivirus and anti-malware solutions out there for mobile phones, yet most experts have contended for the past few years that the risk to mobile phones is relatively low.
Perhaps it's time to reassess that risk. Two somewhat chilling threats have popped up in recent weeks, and the bad news is that there are few precautions you can take to avoid them. Traditional anti-malware software isn't likely to be effective.
Fake cellphone towers. Like a page ripped from a high-tech thriller, bogus cell phone towers are actually appearing in the wild. They're also alarmingly cheap -- assembled in Eastern Europe and available for sale to criminals, these towers cost just $1,500 or so and allow the operator to take control of the phones that use them and download data from a device. According to The Street, such towers are already in use by law enforcement and government entities, and likely in the hands of criminals as well.
Officially sanctioned malware. The most alarming aspect of this hack is that it's not exactly a hack. Carriers like AT&T, Verizon, and Sprint have the ability to push software patches down to handsets. There's nothing dangerous or surprising about that. But if a carrier, working with a government, pushed malware to the handsets as a part of a regular update, the government would have a backdoor to monitor the data and communication on those handsets with relative impunity. According to reporting in The Street, this is actually happening today in countries like China, Brazil, Russia, India, Saudi Arabia and Israel. The only practical solution? Don't use your own phone when traveling to a high-risk country -- use a throwaway handset instead.