Understanding the threat landscape on Andriod & iOS

By: Amit Nath, Country Manager, India & SAARC – F-Secure

In recent years, mobile and tablet devices have become the number one way in which we connect to the Internet, use social media sites, conduct online banking and make financial transactions on the go. While mobile and tablet devices are more popular than ever, their owners still underestimate the danger they might encounter. And as smartphone penetration reaches record levels globally, cyber criminals are starting to switch their focus to standalone attacks on mobile devices.

One such threat is mobile malware and surprisingly, many users know nothing or very little about this cyber threat targeting mobiles. The amount of mobile malware is growing faster than ever. And even though app stores are implementing new security measures, malware writers are just as quickly coming up with new ideas. Currently, over 80% of mobile malware is profit-motivated. Besides, the market reports also indicate that privacy-invading apps dominate the landscape, some containing malware, and many leveraging ad libraries to target unsuspecting app users.

According to industry statistics, in 2014, the amount of mobile malware increased by a devastating 75%, and the number of new mobile malware samples jumped by 49 percent from Q4 2014 to Q1 2015. And among all the mobile platforms, Android is still the primary target for cyber crime attacks on mobile platforms, as a staggering 97 percent of mobile malware is targeted at Android devices. In 2014 alone, there were 1,268 known families of Android malware, which is an increase of 464 from 2013 and 1,030 from 2012.

Amongst the all the Android vulnerabilities, WebView has become a big security problem especially for mobile devices running on the old Android OS. The WebView vulnerability could be exploited to compromise apps that run on the old Android code. Cybercriminals could tamper or steal data such as cookies and passwords.

Meanwhile, 259 out of the total 574 known variants of the SmsSend family were identified in the latter half of 2014, making it the fastest growing family of mobile malware. SmsSend generates profits for criminals by infecting Android devices with a Trojan that sends SMS messages to premium-rate numbers. Ransomware also continued to plague mobile users, with the Koler and Slocker families of ransomware identified as the top threats to Android devices.

While Android continues to be the favored target for the majority of mobile malware, threats directed towards Apple iOS do exist. Due to the rather secure ecosystem of Apple, the amount of malware in iOS is still marginal. However, this mobile platform mainly has attacks using phishing, wherein cyber criminals are after the user’s passwords that could lead to identity theft.

Meanwhile, late last year, researchers discovered a new attack on iOS devices that could allow attackers to unsuspectingly access and steal users' personal and financial information from their app caches. This ‘Masque Attack’ was one of the first to be put together with WireLurker malware, which originally attacked iOS devices through USB.

Moreover, both Android & iOS have experienced malware samples which have tried to attack the banking applications and mobile wallets. Besides, there has been a rise of SMS message sending trojans and ransomware attacks on mobile wallets and virtual currencies.

What you can do to protect yourself

By default, Android smartphones are programmed to block installation of apps from any other source than Google Play Store. Make sure that your device does not allow any app to be installed from any other source, by unchecking the option under Setting > Applications > Unknown Sources. By mistake, if this option is checked, then apps can be installed from other third party sources or app stores. If you do install any app from an unknown source, make sure you scan it using a trusted mobile antivirus solution.

Rarely, do we check the permissions asked by apps when we are installing them. Many of these apps require access to Internet connection, while some require access for sending SMS messages. One must look at the utility of the application and decide if the app needs these permissions. One can also look at the comments posted by fellow users on the Google App play store before one decides to install any app.

To combat the dramatic rise in the number of malware targeting mobile devices and safeguard their devices from know and new threats, mobile users need to install a complete security solution that should provide anti-malware and anti-phishing protection along with carrying anti-theft and privacy protection functionalities.