Android Malware Sees Triple-Digit Spike in Volume

Android malware has once again spiked in volume—logging a 391% increase in 2014.

The Pulse Secure Mobile Threat Center found that nearly one million (931,620) unique malicious applications were produced last year as criminals look to boost profits amid an escalating number of devices. The firm logged 1,268 known families of Android malware, which is an increase of 464 from 2013 and 1,030 from 2012.

Android-targeted baddies now account for 97% of the mobile malware threatscape. Capability-wise, there’s a common theme: the ability to take profit from an end user with SMS premium services or malicious ad networks is found in all of the top 10 malware threats identified in 2014.

The report also found significant takeaways for enterprises, highlighting that many organizations have attempted to embrace bring your own device (BYOD) with mobile device management (MDM) suites or capabilities, but are being met with resistance from users because personal devices are falling under the control of enterprise administrators.

In 2015, enterprises should expect to see a shift from trying to manage and secure an entire mobile device via MDM to one of employing workspaces to secure only portions of the device that access and store corporate data, the report explained.

“Enterprise networks, while continually hardened at the perimeter, need to apply similar mobile security controls to appropriately deal with the ever-increasing BYOD push coming from employees,” said Troy Vennon, director of the Pulse Secure Mobile Threat Center and author of the report. “The focus on Android and jailbroken iOS devices by mobile malware developers illustrates that they are actively attempting to exploit mobile devices as the weak link in enterprise security.”

Going “off-grid” from authorized app stores is a continuing issue as well, the report found. The overwhelming majority of Android malware is being developed and distributed in unregulated third-party app stores in the Middle East and Asia, while Google Play contains just .01% of malicious apps.

Market share indicators tell us that U.S. consumers are split closely between owning Android and iOS devices, while the rest of the international community is almost entirely dominated by Android devices. It is also true that the international mobile community is much more likely to browse a third-party store for their applications than they are to get them from the official Google Play store.

In contrast, there were four iOS targeted attacks in 2014—and most targeted jailbroken devices.  Thanks to Apple’s tightly controlled walled garden model, there’s just not as much opportunity for criminals to infiltrate. However, this is starting to change. WireLurker is the first example of a non-jailbroken iOS device being infected. This action was carried out by tethering the device to an infected Mac.

What’s Hot on Infosecurity Magazine?