New types of mobile malware make headlines every day, but what are the most prevalent threats out there? The team at Nominum decided to find out by analyzing Domain Name System (DNS) data of approximately half a million users from various countries.
Most malware uses the DNS to communicate and our technology processes about 30% of the worlds' DNS traffic, so we were able to identify the top five mobile-only malware threats.
We defined greatest threat as the most widespread malware that meets a baseline level of risk to the end user -- for example, malware that attempts to steal a person's identity and/or money. What follows is a summary of the current mobile malware landscape and a short description of each malware threat, along with some thoughts on what can be done to protect end users.
But how bad is it, really?
The mobile malware threat is real with a significant number of infections in existence today that are capable of stealing mobile phone users' identity, and this number is growing everyday. Our research shows that Android remains the top target of malware writers.
Despite that finding, our data was not extensive enough to prove just how prevalent threats were in the U.S. specifically, but recent research has shown that malicious links within text continue to be the biggest concern for mobile device users in the U.S. with 4 in 10 American users likely to click on an unsafe link.
Although Androids topped the list of mobile malware targets, there are still major regional differences in mobile malware prevalence. For instance, "Notcompatible" has a much higher infection rate in Latin America, while "SMSPACEM" and "Netisend" are much more prevalent in the Asia Pacific regions.
These regional differences may be explained by end users' personal networks. Like a cold or virus in the real world, once someone in a community gets infected with a mobile malware, they are more likely to spread it to others in that community -- instead of a sneeze, it is through SMS. As the mobile malware area is less mature than its fixed counterpart, it may take more time for mobile threats to "jump" networks; this will change soon, though, as malware threats get more sophisticated.
Mobile malware writers are leveraging many of the same social engineering techniques (e.g., spreading through end users' contact lists) and technical capabilities (e.g., rootkits) to spread and make money they've used on the Fixed side for years. As the proliferation of smartphones continues and the mobile ad market matures, the incentive of higher profit possibilities will encourage malware writers to write more sophisticated malware.
Sign up for Computerworld eNewsletters.