The occurrence of mobile malware increased by 155 percent across all platforms in 2011, and, according to Juniper Network’s 2011 Mobile Threat Report, malware specifically targeting the Android operating system saw its own increase of more than 3,000 percent.
Juniper Networks attributes Android’s malware explosion to Google commanding 46.9 percent mobile market share and the lack of serious regulation in a diverse and occasionally open marketplace of more than 500,000 applications and some 10 billion downloads.
In 2010, Juniper identified 11,138 unique malware samples across all mobile platforms. By the end of 2011, the number of unique samples had reached 28,472, which can be split into two types of malware: SMS trojans, accounting for 36 percent, and spyware accounting for 63 percent. Android malware alone accounts for 13,302 of these samples.
According to the report, popular ‘fake installers’ rely on SMS Trojans to trick users into agreeing to send premium SMS messages to attackers after downloading a certain app. The ease of use regarding fake installers is such that unskilled criminals can drive attacks, thus lowering the barrier for entry into exploiting mobile devices.
In addition to these outright malicious applications, the report also warns of a much larger pool of “suspicious, but not malicious” applications that unnecessarily request permissions and/or share excessive amounts of data with third-parties. Their findings show that 30 percent of apps obtain device locations without explicit consent, just under 15 percent request permissions that could initiate calls without user consent, six per cent request the ability to view all accounts on the device including email and social networking sites, and just under five percent of apps could send SMS messages without user involvement or knowledge.
As if application based threats weren’t enough, mobile devices, like PCs before them, are also vulnerable to any number of browser based threats triggered by visiting infected websites, such as drive-by downloads and denials of service. Similarly, devices remain vulnerable to WiFi hacks and man-in-the-middle attacks.
Apple, ever benefitting from its aura of invulnerability, is slightly more secure due to their screening policies and closed marketplace. However, those same policies have increased the allure of jailbreaking those devices, which opens the door to a slew of other mobile security concerns. Not the least of which are purported jailbreaking services that infect devices with malware during the rooting process. Furthermore, users running iOS have virtually no options for endpoint security products because Apple does not provide developers with the tools to create them.
The amount of malware targeting other mobile platforms (iOS, RIM, Nokia Symbian etc.) continues to grow, albeit modestly compared to Android. New Java ME samples increased by just under 50 per cent in 2011, a number that only seems small when you compare to those of Android (Java ME-based applications are popular among Symbian and Windows Mobile devices).
Another serious risk addressed in their Mobile Threat Report is that of lost and stolen devices. This entirely low-tech dilemma represents an enormous problem for mobile security as we continue to upload increasingly personal and important sensitive information onto TV remote-sized devices. One of every five users within Juniper’s network had to activate their locate command to reveal the location of a lost or stolen device.