Mobile Malware Follows the Money

By | June 28, 2013

Posted in: Network Security Trends

Mobile malware mushroomed more than six-fold in the year ending in March, and the people behind it are increasingly behaving like calculating business professionals, a study from Juniper Networks says.

“Similar to legitimate developers focused on the rise of mobile, cyber criminals are looking to maximize their return on investment with their attacks,” said the company’s Third Annual Mobile Threats Report issued this week.

“Through targeting threats at Google Android with its commanding global market share, leveraging loosely regulated third-party marketplaces to distribute their illicit wares, and developing threats that yield profits, it’s clear that the mobile malware writers are more sophisticated and chasing higher rewards for their efforts,” the report said.

Michael Callahan, vice president of global product marketing for Juniper, said it might not be unexpected that mobile malware had increased in the period, but the rate of increase – 614 percent – was surprising.

In a blog post, Callahan said that Android attacks rose from 24 percent in 2010 to 92 percent in 2013. “This focus is not due to a large number of vulnerabilities in the underlying platforms... Android remains a target in large part because of its dominant market share and open app ecosystem.”

Callahan cited a recent Symantec report which said that Apple’s iOS had more  documented vulnerabilities in 2012 than Android.  But only one threat was created for iOS, the Symantec report said.

The Symantec report also gave Android’s dominant market share and the openness of the platform as factors that made it “the go-to platform of malware authors.” It said there was a 58 percent increase in mobile malware families in 2012 compared with 2011.

The Juniper Networks report said factors contributing to the dearth of malware on iOS and the abundance of it on Android “has more to do with the latter’s large user population, its broad geographic distribution, and the ease with which malware authors can get their code onto vulnerable mobile devices. Cybercriminal groups that are exploiting mobile malware may be prioritizing a short path to profitability (cash-out) and easy distribution.”

It said Apple’s “walled garden” approach made both of those objectives more difficult to achieve.

“Does that mean there is no malware problem in the iOS world?” the Juniper report asks. “It’s hard to say. Apple says little about its management of the App Store or about malicious and suspicious mobile apps it discovers there. Most of what we know comes by way of independent observers working outside of Apple.

“We know there have been instances of applications being pulled from the App Store for violating Apple’s terms of service. How common an occurrence that is, or how many such applications get flagged either before or after publication on the App Store, is a matter of conjecture.”

The report said  iOS users who circumvented Apple’s content protection technology -- or “jailbreak” their phones – were vulnerable to malicious infection, especially when loading
applications from external application market places that cater to jailbroken iOS devices.

Callahan said Juniper researchers had found mobile malware in more than 500 third-party “alternative” app stores globally. “In many markets, these alternative app stores are very popular places to download apps. Of these alternative app stores, three out of five are in China or Russia — markets infamous for malware.”

He said nearly 73 percent of malware were Fake Installers or SMS Trojans, which exploit holes in mobile payment systems. “These threats either trick users or secretly send text messages to premium numbers set up by attackers to turn a quick profit,” Callahan said.

You May Also Be Interested In: