Over 90% of Organizations Hit by a Mobile Malware Attack in 2020

Almost every global organization suffered at least one mobile malware attack in 2020, according to a new report from Check Point.

The security vendor polled 1800 customers of its Harmony Mobile device threat protection product to compile its 2021 Mobile Security Report.

Of the near-total number that faced a mobile attack last year, 93% of incidents originated in a device network, and were either phishing attempts (52%), C&C communication with malware already on the device (25%) or involved infected websites/URLs (23%).

Check Point also warned that unsecured networks like public Wi-Fi could enable man-in-the-middle (MitM) attacks designed to compromise devices and data.

The study revealed that nearly half (46%) of responding organizations had at least one employee download a malicious mobile application that threatened networks and data last year. Banking Trojans, mobile Remote Access Trojans (MRATs), premium diallers, clickers and ad fraud were among the most common.

Some 97% of organizations faced mobile threats originating in multiple vectors, including applications, networks, devices and OS vulnerabilities. However, Check Point warned that mobile device management (MDM) is a potentially major new target for attackers.

In April last year, the security vendor claimed to have detected for the first time information stealing malware targeting the MDM server of a large multi-national, and in so doing compromising over 75% of its devices.

“Regrettably, the MDM’s most notable feature, and arguably the reason for its existence – a single, central control for the entire mobile network, is also its major weakness,” noted Check Point. “This malware [a Cerberus variant] is very damaging, for once installed, it can collect large amounts of sensitive data, including user credentials, and send it to a remote command and control (C&C) server.”

In the report, Check Point also repeated claims made last summer that around 40% of the world’s mobile devices are vulnerable to attacks, after it found hundreds of bugs in Qualcomm’s popular DSP chips.