The Current State of Mobile Malware
It’s vital as an established organisation in today’s era to understand and protect your mobile fleet against the ever-expanding and advancing world of malware. Plenty of businesses know what mobile malware is, but many fail to fully comprehend the different types and how they infect corporate devices.
Wandera’s report on The Current State of Mobile Malware will take you through the most common malware infection vectors, the different types currently plaguing organisations, and how to take the appropriate steps to protect your mobile fleet.
What is malware?
The word itself is short for “malicious software”. It is defined as any software created with the intention of causing damage to a device without the owner’s knowledge or consent.
Terms like spyware, adware and trojans are frequently mentioned in the media but there is no real difference between these terms and malware. All of these harmful software classifications fall under the broader definition of malware.
While it may have been around for decades, mobile malware is a relatively new concern. Asking security experts if it was a risk back in 2014 would have resulted in mixed responses. In 2017, the answer is a resounding yes. Mobile malware is a potent and growing threat to enterprises.
Cyber criminals use a variety of tactics to infect the maximum number of corporate devices possible with their malware variants.
Infected applications: The method most frequently used by hackers to transfer malware to users’ devices. Applications are repackaged or infected then uploaded to third party app stores. Occasionally they find their way to the Google Play Store.
Malvertising: The practice of inserting malware into legitimate online ad networks to target a broad spectrum of end users. The ads appear to be perfectly normal and appear on a wide range of apps and web pages.
Scams: Rely on a user being redirected to a malware-ridden web page through a web redirect or pop-up screen. In more targeted cases, a link to the infected page is sent directly to an individual in an email or text.
Direct to device: Dictates that the hacker must actually touch the phone in order to install the malware. Usually this involves plugging the device into a computer and directly downloading the malicious software onto it (also known as side-loading).
Types of mobile malware
Mobile malware can be broken out into 7 main subcategories. While these terms are often heard in the media, most individuals are unfamiliar with their intricacies.
Adware or “advertising software” is designed to show frequent ads to a user in the form of pop-ups, sometimes leading to the unintended redirection of users to web pages or applications.
Banker malware is defined as any type of malware attempting to steal users’ bank credentials without their knowledge.
Ransomware is a type of malware that demands money from users and, in exchange, promises to release either the files or the functionality of the devices being ‘held hostage’.
Rooting malware as a category includes any malware that ‘roots’ the device, essentially unlocking the operating system and obtaining escalated privileges.
SMS malware is a type of malware that manipulates devices to send and intercept text messages resulting in SMS charges. The user is usually not aware of the activity.
Spyware monitors and records information about users’ actions on their devices without their knowledge or permission.
Trojans are a type of malware that hide themselves within pieces of seemingly innocent, legitimate software.
For examples of each type of malware, and a detailed analysis of the prevalence of each type, take a look at the full report by Wandera.
Prevalence by Type
It’s important to note that the prevalence of a malware type does not dictate severity. Some of the most dangerous types of malware are those that root the device, which is the least prevalent type. Adware variants, on the other hand, are usually the least severe, and yet one of the most prevalent types detected.
Danger level depends on variant. There’s no one hard or fast rule as to what type of malware is the most damaging. What experts can agree on however is that comprehensive mobile security is required in order to avoid malware compromising corporate devices.
Wandera’s unique malware protection
Wandera has the unique ability to shut down malware at the source, before it is able to affect the device. Thanks to its pioneering web gateway for mobile, it can detect malicious command & control traffic at the network level. As a result it can instantaneously block detected threats.
This means if a user downloads an infected application to their device, not only will admins be notified in real-time that the app contains the particular type of malware, but the malware will not be able to make a connection to the command & control server and therefore it will be rendered useless. This is only possible with all-encompassing visibility and control at the device, network and application level.
For more information about how Wandera’s malware protection can benefit your business, get in touch.