More and more companies allow employees to use smartphones and tablet PCs in workplace, but they are facing a new potential threat - malware embedded in games and applications.

Dan Hoffman, network security company Juniper Networks mobile security director, said the application store is quickly becoming the main delivery mechanism of infected applications. Consumers purchase applications for their equipments through an online application store.

As the consumers are free to download applications to their devices, so it's relatively easy for these devices to be infected. Hackers just simply need to embed malware into games and applications to entice users to download. Once embedded into the application, the malware will call chargeable phone numbers without the knowledge of the phone owner , or send text messages to a chargeable site to steal passwords and other account, and track user locations.

Companies fear that malicious software can be used to access corporate data downloaded on personal devices. Hoffman said that the Android devices have become the main target of malware attacks last year, because Android has dominated the smartphone market.

Currently we are still unable to know whether Apple devices are facing similar threats, because the external security of Apple's system is closed, they do not allow independent vendor tracking Apple device threats.

Google said its application store Google Play is safer than ever. Before applications are available for download in the app store, Google will review them to find malware. The Android system also has the function of blocking the download of third-party applications, but users can turn off this function.

Apple is yet to be reached for comment, but they have been reviewing their apps before the apps are available to download.

Security experts said that the application is the best carrier of digital theft, and even legal procedures may also need to consent to access the user's email or social networking site account. Smartphones will occasionally update and alert the user about the problematic applications, but once the application is downloaded the system in general will not remove them.

In order to ensure data security, corporate IT managers will generally rely on virtual private network, the network requires a very secure password, and require regular updating. However, Hoffman and other security company executives believe that companies need to enhance its preventive measures.

To achieve this goal, dozens of products are already on the market. Mobile devices need to be scanned to find the malicious application before they are allowed to connect to corporate networks. If problems arise, some of the software will clear enterprise data.

Security experts say so far there is no malicious application can set up malicious software in the enterprise server network. However, with the diversification of working equipment, the threat also increases. "Smartphones are now legitimate computing devices, enterprises need to take the  threats seriously." According to Symantec terminals and mobile management senior manager Brian Duckering.

Note : Article from Sina .Source http://tech.sina.com.cn/t/2012-04-05/08346912063.shtml