Malware having a field day in W-Cup

PETALING JAYA - Malicious software steals your information by getting you to install it in your smartphone and, with World Cup fever at its height, there is no better time for malware writers to score against you.

Many football fans are devouring all kinds of World Cup news, photos and videos via their smartphones now and there is a huge number of mobile apps being offered that can serve up a buffet of such goodies.

For the unwary, some apps may also be serving up hidden programs that steal your personal data once the app is installed on your phone, especially those that are unregulated third-party software.

Internet security company Trend Micro has detected 375 malicious World Cup apps that can read the SMSes on your phone, pinpoint your location, copy your contacts list, and switch on the camera without your knowledge.

Victor Lo, regional consulting director at Trend Micro, said the malware would steal your information without you even noticing it and that the hacker could try to access your bank accounts or impersonate the owner of the phone.

"There are no pop-up messages to tell you that it is going to copy your contacts list or anything like that," he warned.

"The only way to know if a malicious app is on your phone is by using mobile security software to detect it."

Dr Amirudin Abdul Wahab, CEO of CyberSecurity Malaysia, an agency under the Ministry of Science, Technology and Innovation, warned that some malware could take over control of your phone to send out its own SMSes or automatically instal other malicious apps on the device.

"Mobile apps are the easiest way for a hacker to get victims," he said.

He said CyberSecurity was monitoring several apps for Android-based phones that had been found to be exploiting the huge interest in the World Cup event.

But according to him, the World Cup is only one period that malware writers use to trick people into installing their programs.

Typically, he said, any event that generated a huge interest could be exploited, such as the missing Malaysia Airlines Flight MH370, the Thomas Cup or the American Idol contest in the United States.

The agency had received 532 reports concerning malware from Malaysian users and recorded 1,295,728 malware infections as of May, he said.

CyberSecurity and Trend Micro advised smartphone users to be more careful of the apps they download.

"Always look for well-known app developers, as well as read user reviews and ratings to determine the quality of the app," said Dr Amirudin.

Lo said mobile users should be extremely cautious.

"Some apps will ask for access to your messages, calls or contacts list and users need to ask themselves if this is necessary," he said.

"Take the time to read the app's terms and conditions to know what you are agreeing to before you click the instal button."

Report malware to CyberSecurity's Cyber999 Help Centre via e-mail at or call 019 266-5850 (24 hours).