Smartphones now account for 60% of malware infections in the mobile network

Smartphones are now ahead of WIndows-based computers and laptops as the number one culprit in infecting mobile networks with malware, according to research findings from Nokia's Security Centre in Berlin which looked at over 100 million devices.

Android continues to be the main platform targeted – malware instances on Android more than doubled in the last six months of 2015.

2015 also saw ransomware such as CryptoLocker, which effectively holds a device hostage by encrypting data, move from Windows PCs to attacking Android. Although not yet as a sophisticated as its Windows counterpart, Android ransomware can still cause financial losses and disruption. It accounted for the largest precentage of malware threats in 2015.

> See also: New 'impossible to wipe' malware strands hit Android users

But the research also shows an increase in iOS-based malware, as it hit the top 20 list for the first time with XcodeGhost and FlexiSpy. In October 2015 alone, iPhone malware represented 6% of total infections.

The XcodeGhost malware was injected into apps through a compromised software development kit to create legitimate apps distributed via the Apple App Store. Apple has removed these apps from the Apple Store, but some malware remains active.

Mobile malware overall is becoming persistent and sophisticated, and can be very difficult to uninstall with many strains even able to survive a factory reset.

Smartphones have become a prime target for malware campaigns as personal data is consolidated onto them.

As Craig Young, security researcher at threat detection company Tripwire explains, while trusted app stores do a lot to reduce exposure to malware, examples of apps slipping past vendor review processes are not hard to come by.

'In recent months we have learned about thousands of XcodeGhost infected applications as well as the zerghelper malware finding clever ways to make it into the official Apple app store,' says Young. 'This is rather significant as the previous noteworthy examples of malware making its way into the app store came from university research and hacker conventions.'

'On iOS, much of the malware is being signed with enterprise keys which can be purchased by a malicious author on the underground market for about $800 or simply used to sign a single app for just a few dollars. On Android, anyone can sign an app without special requirements other than that the phone will have a major security feature disabled.'

> See also: Mobile malware: just a common annoyance or a wolf in sheep's clothing?

Those going through the Google Play Store are not guaranteed to avoid malware – on Android we have recently seen the so called Brain Test malware reappear on the Google Play Store platform.

In January this year, the Brain Test malware affected as many as 13 apps in the Play Store, with hundreds of thousands of downloads, before being caught out.

Generally though, most malware on both platforms does not come through the main app stores.

Anyone who want to avoid infection are well advised to be very cautious about installing apps, says Young.

'On Android this means sticking to the Google Play Store without enabling apps from 'unknown' sources and to install one of the many antivirus apps. While antivirus is disallowed on iOS, users should steer clear of jailbreaking and should not accept enterprise certificates outside of their organisation.'

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics