Threats 101
Ryan Harnedy
May 2016

What You Need to Know About Mobile Malware

Photo by Wilfred Iven

Your weekly dive into an important trend in malware. This week: malware targeting your mobile devices

What’s Going on with My Phone?

Over the past few years security researchers have seen a huge jump in mobile-specific malware. In 2015, analysts at Kaspersky detected 884,774 malicious programs running on mobile devices, and almost 3 million malicious installation packages — three times the number of mobile threats they saw in previous years.

Why Would Cybercriminals Attack My Phone?

Because you use it for everything. For cybercriminals looking for critical banking or corporate information, a user’s mobile device is a great target. A cybercriminal who is able to take control of your phone or tablet can access your important work documents, banking information, or they can simply use your phone as part of a botnet, which a new malware called Viking Horde is doing to the unfortunate people who download it on the Google Play store.

But I Have an iPhone so I’m Fine Right?

Finer but still not fine. While the majority of mobile malware right now is targeting Android devices, both because of their popularity and the open nature of their app ecosystem, iOS attacks are becoming more common and more sophisticated.

According to that same Kaspersky report, malware for iOS increased 2.1x in 2015 compared to 2014, and the increase will likely continue in 2016.

Previously, the general consensus was that Apple monitored submissions to their App Store strictly enough to prevent malware from getting on an iPhone, however over the past year malicious code has been discovered in over 40 iPhone apps available in the App Store.

So Aside from Going Back to a Flip Phone, What Can I Do?

While there may be more mobile malware out there than ever, the good news is there are things you can do to keep yourself, and your phone, safe.

  1. Avoid apps that aren’t available in the Google Play Store or the Apple App Store: While it still can happen, the chances of you downloading malware or phone ransomware from an app decreases dramatically when you have people vetting apps and checking for infections.
  2. Don’t give untrusted apps admin rights: Several strains of mobile malware will pester you to grant the app they’re on admin rights to your phone, which will give them access to the most important functions. Before you give any app admin rights make sure it’s an app that needs it and it comes from an app developer that you trust.
  3. Be careful about which devices you keep important information: One of the things that makes smart phones and tablets so great is the wide variety of things you can do on them. You can be working on an important presentation one minute, and you can take your daily Doodle Jump break on the same device. However, if you’re going to be accessing your financial and corporate information on a device you should be careful about what other apps and programs you’re putting on there, also. Nobody’s asking you to quit Angry Birds, but try to be wary about putting apps you’re not familiar with on a phone that’s linked to your credit card.

For more tips on what you can do to protect yourself from malware check out the Realist's Guide to Cybersecurity Awareness

Ryan Harnedy

Ryan Harnedy

Ryan writes about how to make cybersecurity make sense to end users and keep employees safe from ransomware, malware, and phishing attacks. He enjoys decoding buzzwords and sharing security tips that users might actually follow.

lock-white.png

Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo

Comments

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.