The rise of mobile malware

Mobile malware is malicious software that targets and infects mobile devices.

With global smartphone ownership at approximately 6.92 billion, which equates to 85.95% of the world’s population, there is no shortage of targets for hackers and cybercriminals. With so much information being created, stored and transmitted, our gadgets become highly prone to malware threats.

Mobile malware takes a variety of different forms, and so the methods through which it can exploit vulnerabilities and compromise privacy are numerous. As such, understanding the cybersecurity risks specific to mobile phones and tablets – and learning how to safeguard against the most common cyberattacks – is key to protecting our sensitive data and assets.

Is mobile malware on the rise?

The landscape of mobile malware is fast-paced and ever-evolving. New threat actors, with new capabilities, are emerging constantly. Social engineering tactics, for example, which are widely used in phishing and Trojan attacks, are getting increasingly cunning.

Last year, researchers from Proofpoint detected a 500% jump in mobile malware delivery attempts in Europe alone. While many threat actors’ mobile malware attacks focus on stealing login credentials, there are others that attempt to hijack audio and video functions, track locations, and erase personal data and content.

As well as company devices, an increase in bring-your-own-device (BYOD) policies have led to more unsecured, personal devices connecting to shared systems, servers and networks – which can have devastating consequences for organisations if not handled correctly.

For example, Verizon’s 2022 Data Breach Investigations Report found that:

•   18% of successful company phishing attacks came from mobile devices
•   58% of company mobile devices had at least one malicious URL clicked
•   16% of company mobile devices had at least one malware or riskware app installed.

What are the most common types of mobile malware?

Not only are mobile malware rates rising, the methods of attack are also growing in sophistication.

• Cybercriminals seek to steal passcodes, bank details, and even gain full control over smartphones, in a number of creative ways, such as:
• Mobile droppers – Mobile droppers are Trojan variants that masquerade as innocent apps – for example, a premium-rate app on Google Play store available for free via a third-party app store – and trick mobile users into allowing the app (which is the dropper) onto their device.
• Remote access tools (RATs) – Hackers obtain full control of a mobile device and can operate it remotely.
• Drive-by download attack – These types of attack abuse vulnerable, outdated or insecure browsers, apps and operating systems to trick users into unintentionally downloading malicious code. Often, simply loading a website can trigger an attack, allowing hackers to perform actions such as injecting banking Trojans or other malware.
• Botnet attack – A botnet (a combination of the terms ‘robot’ and ‘network’) refers to a collection of IoT devices – such as mobiles, laptops and servers – that are infected and under the control of malware.
• Malware/mobile adware attack – These adverts and pop-ups that show up on mobiles are a type of malicious software designed to install viruses or spyware on a device, hijack browsers, or slow down devices.
• Smishing attack – Smishing works similarly to phishing (tricking users into clicking on links), except it uses SMS messages (text messages) as the primary method of attack.

There are also browser-based attacks, mobile ransomware attacks, virus attacks, MMS malware, cryptomining malware and countless others.

While Apple products, such as iPhones, aren’t immune, it’s worth noting that Android devices are at particular risk from mobile malware attacks. As Kaspersky note, ‘Android operating system software is open source, meaning anyone can modify it. If a developer makes an error, it’s easier for a hacker to find and explore those security gaps. Android also has a larger market share compared to Apple [meaning that it’s] far easier and more lucrative for hackers to create and release Android malware.’

What are the signs that your mobile has been attacked?

Could you be the victim of mobile malware?

It’s all too easy to fall prey to mobile security threats. You may have accidentally clicked on a link that appeared legitimate, connected to an unsecured public Wi-Fi network, forgotten to install the latest version of iOS, or loaded a website from an untrusted source.

If you’re unsure whether or not you have an infected device, ask yourself a series of questions:

•   Has data usage been excessive, unrelated to your own activities?
•   Have any unauthorised charges appeared on any of your apps or accounts?
•   Do your apps keep crashing?
•   Has an unusual search engine appeared on your device?
•   Has the number of pop-ups you receive dramatically increased?
•   Does your mobile battery drain inexplicably quickly?
•   Have unusual, unrecognisable apps appeared on your device?
•   Is your mobile device overheating?
•   Have any messages been sent to contacts in your address book without your awareness?

If you think your mobile device has been infected with malware, check out antivirus and security specialists Norton’s tips on what to do if your phone has been hacked.

How can we protect our mobile devices against malware?

Take precautions to protect mobile ecosystems from malware and other types of cyberattack.

A robust, comprehensive mobile safeguarding plan should include a broad range of security measures, such as: app and software management, mobile security software and firewalls, remote wiping, data encryption, screen locking and multi-factor authentication.

Ensuring users follow good mobile practices is also critical. For example, using varied, strong, hard-to-guess passwords, not engaging in jailbreaking (a jailbroken device is one where software is installed that is separate to that which the manufacturer made available), and using secure Wi-Fi networks or virtual private networks (VPNs). Always be skeptical of unrequested, unexpected or unusual messages that contain URLs, links or requests for data of any kind.

Stay ahead of mobile threats and safeguard mobile devices

Unlock a new career in the exciting, fast-paced cybersecurity sector and gain skills that are required across all industries with the University of Sunderland’s online MSc Computer Science with Cybersecurity programme.

A background in computer science isn’t required to join our flexible, 100%-online course – it’s designed for career-changers looking to develop the skills and experience to make an impact in the cybersecurity space. As well as core computing fundamentals – including systems engineering, data analytics, computer networks, system architecture, user experience and usability, and databases – you’ll study specialist modules in cybersecurity and cyber resilience. Plus, you’ll learn some of the most in-demand programming languages, such as Python, R, CISCO and Oracle.