Mobile malware developers targeted Google's Android more than any other mobile operating system in 2011. However, cyber-crooks also abused Apple's iOS, RIM's BlackBerry and Symbian.
Malware that specifically
targeted mobile operating systems increased in 2011 as smartphones became more
popular with enterprise users, as well as consumers. These cyber-criminals also
developed affection for the Google Android OS, which saw the biggest jump in
malware during the past 12 months, according to a new report from Juniper
Malware targeting the
Android mobile operating system grew by a whopping 3,325 percent in the last
seven months of 2011, according to the 2011
Mobile Threat Report
, which Juniper released Feb. 15. Android malware
accounted for about 46.7 percent of unique malware samples that targeted mobile
platforms, followed by 41 percent for Java Mobile Edition.
Overall, mobile malware more
than doubled in 2011, growing by 155 percent across all platforms, which included
Apple's iOS, Research In Motion's BlackBerry and Symbian. New malware samples
targeting Java Mobile Edition increased by a little less than 50 percent in
2011. Java ME is popularly used on Symbian and Windows Mobile devices.
Juniper saw a
"significant increase in the amount of mobile malware, its sophistication,
as well as new nimble social-engineering-based attacks," said Daniel
Hoffman, chief mobile security evangelist at Juniper Networks.
The Mobile Threat Center at
Juniper Networks examined more than 793,631 applications and 28,472 unique
malware samples to compile the report. Despite the eye-popping growth numbers,
the total number for mobile malware remains minuscule, compared with malware
targeting traditional computers.
The explosion in Android
malware is a direct result of the platform's diverse and open marketplace where
developers are free to post their apps as well as growing market share,
according to Juniper. Google's market share in the mobile space, at 46.9
percent, is statistically the same as the proportion of Android malware
detected by Juniper.
"Hackers are incented
to target Android, because there are simply more Android devices as compared to
the competition," said Hoffman.
service has been scanning apps in the Android Malware and removing offenders
toward the second half of the year to make it harder for scammers to upload
malicious apps. Bouncer will "certainly help" reduce infection rates
from downloads on the official market of known threats, said Hoffman.
Apple is slightly more
secure due to its screening policies and closed marketplace, but iOS users have
their own set of mobile security challenges, according to the report.
Jailbreaking remains common and users with iOS devices are vulnerable to
malicious jailbreaking services that infect the device during the rooting
Mobile devices are just as
vulnerable to browser-based attacks triggered when a user navigates to a
malicious Website as computers. There are fewer choices available for iOS users
when it comes to security products to protect them from these kinds of threats.
"This lack of software
protection and a competitive security market leave users with little protection
if malware were ever to make it through Apple's application-vetting
process," the report found.
In fact, there are several
examples of developers slipping apps past Apple's screeners last year. The most
prominent example was when Apple researcher Charlie Miller got a seemingly
innocuous app approved for the App Store, and then was able to use the app to
remotely execute code on devices.
Malicious apps and scams
targeting mobile users have become more sophisticated and many rely on social
engineering tactics to trick users into downloading and installing, Juniper
hackers" moved from proof-of-concept samples to developing profitable
malware, according to the report.
Mobile malware can be
classified into two different groups, Short Message Service (SMS) Trojans and
spyware. Spyware was the most common form, accounting for about 63 percent of
malware. Spyware on mobile devices generally goes after GPS data, text
messages, contacts and browser activity and transmits it to a third-party.
SMS Trojans, accounting for 46
percent of malware, trick users into agreeing to send premium SMS messages to
attackers. As they generally run in the background, users are usually unaware
these messages are being sent until they see the charges on their bills.
Scammers often piggyback SMS
Trojans onto "fake installers," which are apps that trick users into
paying for them even though they may be legitimately available for free.
These fake installers create
a "low barrier to entry" for cyber-criminals interested in mobile
scams but lacking the technical skills, according to the report. Application
stores are the prime delivery mechanism for infected apps, and it's far easier
to turn around these types of apps rather than those targeting actual