Mobile Malware? You’ve More Chance of Being Hit By Lightning

The impact of mobile malware on the average user has been hugely overstated by the AV industry, with users more likely to be struck by lightening than get infected, according to new research from Damballa.

The security company analyzed nearly 50% of US mobile traffic to determine actual malware infection rates – as opposed to theoretical attacks, flaws and malware samples found in the wild.

The firm compared a similar study conducted in early 2012, when it analysed a third of US mobile traffic, with its Q4 2014 research.

In 2012 it found that just 3,492 out of a total of 23 million devices contacted a domain on the mobile black list (0.015%). This figure dropped to just 0.0064% two years later – or 9,688 devices out of 151 million.

By comparison, the odds of being struck by lightning over one’s lifetime are 0.01%, according to the National Weather Service, Damballa said.

The firm added that there’s a significant overlap between fixed internet hosts and mobile hosts, with mobile apps reusing the same infrastructure as desktop applications.

Damballa CTO, Brian Foster, told Infosecurity that first party app stores, in the US at least, are preventing malware from being distributed broadly.

“It is reasonable to assume that anywhere else that mobile apps are governed strictly by Apple and Google, mobile malware will continue to be a science exercise and not a broad problem,” he added. 

“That said, the security concerns for mobile are there. They are just different.”

These include loss or theft of a BYOD device, which could put corporate data in danger, and security risks that emanate from the cloud apps devices connect to.

“Technologies like mobile device management and application wrapping can help enterprises ensure their company information is secured on these devices,” Foster advised.

So minimal is the risk to US users from mobile malware that he said 'money making' malware designed for smartphones would likely never become a problem for users as it has been on the desktop.

“We try to solve today's problems like we did yesterday’s. Today’s problems are different,” Foster concluded. 

“Once an enterprise understands that and walks through the different risks posed to their business, the enterprise can understand what tools and processes can help mitigate those risks.”

Damballa’s findings will be welcomed by Google, whose Android platform has borne the brunt of much criticism since launching for failing to include enough safeguards to keep malicious apps out of the ecosystem.

Android engineer Adrian Ludwig was at RSA Conference this week promoting the message that Google is doing enough to keep the bad guys at bay.

He claimed that less than 1% of devices have potentially harmful apps installed, and that using only Google Play can reduce risk even further.

It is noticeable from his data, that there’s a huge spike in PHAs in Russia and China, where use of third party app stores is more common.

What’s Hot on Infosecurity Magazine?