Juniper Networks finds mobile threats continue rampant growth as attackers become more entrepreneurial
Juniper Networks released its third annual Mobile Threats Report showing the rapid growth and evolution of mobile malware into a profitable business for attackers. From March 2012 through March 2013, the Juniper Networks Mobile Threat Center (MTC) – found mobile malware threats growing at an exponential rate of 614 percent to 276,259 total malicious apps, demonstrating an exponentially higher cyber-criminal interest in exploiting mobile devices. Additionally, it is clear from developments in the threat landscape that malware writers are increasingly behaving like profit-motivated businesses when designing new attacks and malware distribution strategies. Attackers are maximizing their return on investment by focusing 92 percent of all MTC detected threats at Android, which has a commanding share of the global smartphone market. According to analyst firm Canalys,Android devices accounted for 67.7 percent of all smartphones shipped in 2012 and is projected to ship more than 1 billion smartphones in 2017. Attackers are also leveraging loosely regulated third-party app marketplaces to distribute malware and more quickly get threats on the market.
News Highlights
This year’s MTC report uncovered several mobile malware trends that demonstrate increased business savvy by attackers including:
·Preying on High-Growth Market Opportunities:Mobile malware developers are recognizing huge opportunity in the growing market dominance of Android. Malware for the Android operating system has increased at a staggering rate since 2010, growing from 24 percent of all mobile malware that year to 92 percent by March 2013.
·More Effective Distribution: Attackers made strides to shorten the supply chain and find more agile methods to distribute their wares into the wild around the globe.
·Multiple Paths to Big Profits: Almost three-fourths (73 percent) of all known malware are FakeInstallers or SMS Trojans, which exploit holes in mobile payments to make a quick and easy profit. These threats trick people into sending SMS messages to premium-rate numbers set up by attackers. Based on research by the MTC, each successful attack instance can yield approximately $10 USD in immediate profit.
·Exploiting Industry Fragmentation: The fragmented Android ecosystem keeps the vast majority of devices from receiving new security measures provided by Google, which could leave users exposed to even known threats. According to Google, as of June 3, 2013, only four percent of Android phone users were running the latest version of the operating system, which provides mitigation against the most popular class of malware measured by the MTC that makes up 77 percent of Android threats.