Mobile malware reached a new level of maturity in 2011, with threats targeting smartphones and tablets beginning to pose meaningful challenges to users, enterprises and service providers.
Juniper Networks' Mobile Threat Center (MTC) said in a new report that the boom in mobile devices and applications, both for businesses and of consumers, is also benefiting hackers. Global mobile handset shipments last year reached 1.6 billion and tablet shipments reached 66.9 million. The MTC examined 793,631 apps and vulnerabilities across every major mobile device operating system.
The "Mobile Threats" report shows that there are more attacks with ever smarter malware, largely due to the ease of unleashing them.
First, there is more mobile malware than ever before. There was a record number of mobile malware attacks last year, particularly on the Google Android platform. In the last seven months of 2011 alone, the number of malware targeting the Android platform increased by more than 34 times. The combination of Google Android's dominant market share and lack of control over the apps appearing in the various Android app stores created a perfect storm, giving malware developers the means and incentive to focus on the platform.
Research into Apple iOS security remains limited given the closed nature of its platform. But in 2011, security researchers were successful in getting an unapproved app onto the Apple App Store.
Overall, from 2010 to 2011, the MTC identified a 155% increase in mobile malware across all mobile device platforms. Last year, spyware and SMS Trojans comprised the vast majority of malware targeting mobile devices at 63% and 36%, respectively.
A new attack method dubbed "Fake Installers" was the fastest growing type of malware found in 2011. Fake Installers trick victims into unknowingly paying for pirated versions of popular apps that are normally free.
In addition, consumers and enterprises remain susceptible to a very low-tech risk - lost or stolen mobile devices. Nearly one in five users of Junos Pulse Mobile Security Suite required a locate command to identify the whereabouts of a mobile device.