The Current State of Mobile Malware

It’s vital as an established organisation in today’s era to understand and protect your mobile fleet against the ever-expanding and advancing world of malware. Plenty of businesses know what mobile malware is, but many fail to fully comprehend the different types and how they infect corporate devices.

We talk you through the most common malware infection vectors, the different types currently plaguing organisations, and how to take the appropriate steps to protect your mobile fleet.

What is malware?

The word itself is short for “malicious software”. It is defined as any software created with the intention of causing damage to a device without the owner’s knowledge or consent. Terms like spyware, adware and trojans are frequently mentioned in the media but there is no real difference between these terms and malware. All of these harmful software classifications fall under the broader definition of malware.

Mobile malware specifically targets mobile phone operating systems. They pose a very real threat to organisations that have their own mobile fleet or have a BYOD programme, as malware puts at risk highly sensitive customer data. Mobile malware is a potent and ever-growing threat to enterprises.

Infection vectors

Cybercriminals use a variety of tactics to infect the maximum number of corporate devices possible with their malware variants.

Infected applications: The method most frequently used by hackers to transfer malware to users’ devices. Applications are repackaged or infected then uploaded to third-party app stores. Recently, there has been a surge in malware being uploaded to the Google Play Store. Find out more about how the Play Store is affecting the current trends in Android mobile malware here.

Malvertising: The practice of inserting malware into legitimate online ad networks to target a broad spectrum of end users. The ads appear to be perfectly normal and appear on a wide range of apps and web pages.

Phishing Attacks: Rely on a user being redirected to a malware-ridden web page through a web redirect or pop-up screen. In more targeted cases, a link to the infected page is sent directly to an individual in an email or text. Mobile phishing applications trick the user into installing a convincing fake application over a legitimate one. Upon installation, these fake applications begin collecting information. Take a look at Wandera’s Mobile Phishing Report for an in-depth look at the state of mobile phishing.

Direct to device: Dictates that the hacker must actually touch the phone in order to install the malware. Usually, this involves plugging the device into a computer and directly downloading the malicious software onto it (also known as side-loading).

Types of mobile malware


Adware or “advertising software” is designed to show frequent ads to a user in the form of pop-ups, sometimes leading to the unintended redirection of users to web pages or applications.


Banker malware is defined as any type of malware attempting to steal users’ bank credentials without their knowledge.


Ransomware is a type of malware that demands money from users and, in exchange, promises to release either the files or the functionality of the devices being ‘held hostage’.


Rooting malware as a category includes any malware that ‘roots’ the device, essentially unlocking the operating system and obtaining escalated privileges.


Spyware monitors and records information about users’ actions on their devices without their knowledge or permission. Most spyware collects data which can include user location, passwords and contacts, posing not just a problem for the immediate user but also to anyone in their address book.


SMS malware is a type of malware that manipulates devices to send and intercept text messages resulting in SMS charges. The user is usually not aware of the activity.


Trojans are a type of malware that hide themselves within pieces of seemingly innocent, legitimate software. Upon installation, they commence malicious activity which can include mining for banking information and passwords.

Mobile Malware Trends

  • Number of mobile malware attacks (millions)
  • Users affected by mobile malware (millions)

It’s important to note that the prevalence of a malware type does not dictate severity. Some of the most dangerous types of malware are those that root the device, which is the least prevalent type. Adware variants, on the other hand, are usually the least severe, and yet one of the most prevalent types detected.

Danger level depends on variant. There’s no one hard or fast rule as to what type of malware is the most damaging. What experts can agree on, however, is that comprehensive mobile security is required in order to avoid malware compromising corporate devices.

Wandera’s unique malware protection

Wandera has the unique ability to shut down malware at the source, before it is able to affect the device. Thanks to its pioneering web gateway for mobile, it can detect malicious command & control traffic at the network level. As a result  it can instantaneously block detected threats.

This means if a user downloads an infected application to their device, not only will admins be notified in real-time that the app contains the particular type of malware, but the malware will not be able to make a connection to the command & control server and therefore it will be rendered useless. This is only possible with all-encompassing visibility and control at the device, network and application level.

For more information about how Wandera’s malware protection can benefit your business, get in touch.

How Mobliciti Can Help

Mobliciti can provide you with Wandera’s real-time technology, so you can confidently adopt mobile and cloud technologies to drive productivity whilst reducing your risk of data breaches. We can work with you to ensure mobile malware poses no threat to your mobile and BYOD fleet. Find out more about our services or get in touch.

Recommended Posts
Connect with us
Mobile Procurement Hidden Coststhis is an image of a semi closed mac book