This article was published on June 26, 2013

Juniper: Mobile malware is ‘an increasingly profit-driven business’ as 92% of all known threats target Android


Juniper: Mobile malware is ‘an increasingly profit-driven business’ as 92% of all known threats target Android

Mobile malware is becoming “an increasingly profit-driven business,” according to Juniper Networks, which today released its third annual Mobile Threats Report. The total amount of mobile malware across all mobile platforms grew 155 percent in 2011, while between March 2012 through March 2013, the figure rocketed 614 percent to 276,259 total malicious apps.

The exact numbers might be shocking at first glance but they aren’t too worrying: they are completely expected given the general trend of moving to mobile. As Juniper rightly points out, this simply indicates that more attackers are shifting at least part of their efforts away from the PC market.

Juniper_Malware_Infobite_v12

Juniper security researchers also highlighted the following four indicators of a shift in mobile malware “from cottage industry to developed market”:

  • Targeting Markets with Greatest ROI: Criminals are focusing the vast majority of threats on Android and its open ecosystem for apps and developers, a trend that is likely to continue for years to come. In 2010, Android made up 24 percent of all known mobile malware threats, in 2011 the figure increased to 47 percent, and by March 2013, Android was the target of 92 percent of all known threats.
  • Shortened Supply Chains: Juniper identified more than 500 third-party Android application stores hosting mobile malware. These third-party alternatives to official marketplaces often have low levels of accountability, meaning malicious apps are rarely removed. These stores are not limited to Android: several million jailbroken iOS devices rely on them to side load apps. Of these malicious third-party stores, three out of five originate from China and Russia, two emerging markets infamous for malware in the PC space.
  • Multiple Paths to Market: Less sophisticated mobile criminals are exploiting holes in mobile payments to make a quick and easy profit via the likes of SMS Trojan and Fake Installer. According to Juniper, each successful download provides attackers around $10 in immediate profit.
  • Fragmentation: Attackers continue to benefit from the largely fragmented Android ecosystem, leaving users exposed to well-known and documented threats. Google provides protection against SMS threats – which make up 77 percent of Android malware – in its latest OS version, yet only 4 percent of phones have it. Juniper argues this threat could be largely eliminated if OEMs and carriers found a way to regularly update devices.

The first point isn’t too surprising if you remember how significantly dominant Android is in the mobile space. Juniper points to Canalys figures, the latest of which shows Android handsets accounted for 75.6 percent of total smartphone shipments in Q1 2013 with a projection of over 1 billion Android smartphones expected to ship in 2017 alone.

The third point is probably the most important one in remembering that most of these threats are really one and the same. Back in October 2012, McAfee came to a similar conclusion, finding that 60 percent of Android samples the company processes is of the same malware family: a threat that mimics popular apps and sends expensive text messages in the background.

The other two points are a stark reminder that this is a problem that largely doesn’t affect most users in developed markets. If you’re using Google Play exclusively, you won’t see almost all Android malware that is out there. If you’re on the latest version of Android, the most popular ways malware writers try to make money off you simply won’t work.

That being said, Google still has a lot of work to do, especially in the department of getting more people on later versions of Android. Naturally, that’s a job its partners need to help with.

“With mobile malware on the rise and attackers becoming more financially motivated, we need better protection for mobile users and corporations,” Juniper’s Michael Callahan said in a statement. “While on one hand the OEMs, carriers and software vendors must collaborate to develop future platforms that mitigate these large threats, enterprises and government organizations need to take a comprehensive look at protecting their data and networks by adopting a holistic mobile security approach.”

Juniper’s latest report is based on analysis of more than 1.85 million mobile apps and vulnerabilities across major mobile operating systems. If you want to check out the full 27-page document, head here.

Top Image Credit: George Crux

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with