Infection of a mobile device can be performed by social engineering, using vulnerabilities of the mobile platform, or by using physical access to the device. For infection, software is installed that allows an attacker to control a mobile device remotely and download stored information from it. The attacker gets access to SMS messages, mail, and other important information (for example, notes containing passwords from financial systems). Such malware is distinguished by its methods of exposure:
- Malicious instances that perform remote device management. They allow you to install new applications, get all the information from your phone, as well as make calls and send SMS.
- Malicious instances that spy on the user, collect all the information about him, starting from the content of his SMS and ending with GPS-tags of places where he is most often, then send them to the control node.
- SOFTWARE that specializes in RBO programs and SMS alerts that allow you to intercept and fake incoming calls and SMS.