The number of mobile-oriented malware has increased exponentially over the past few years. According to Statista, the first half of 2021 saw over 2.3 million mobile malware installation packages. The number of attacks detected has decreased compared to the previous year but the attacks have become more sophisticated, as per Kaspersky. IT professionals are seeing mobile-specific malware that is designed to target smartphone features and exploit vulnerabilities.
As mobile devices become central to modern life, more sensitive and high-value data is exchanged on the go making it a popular target for cybercriminals. For organizations that depend on mobile devices to conduct business activities daily or allow employees to carry their personal smartphones and tablets as a part of their BYOD policy, the threat of mobile malware attacks is high and needs to be addressed urgently.
What is Mobile Malware?
Mobile malware is malicious software created to target mobile devices such as smartphones and tablets. It is specifically written to exploit particular mobile operating systems and related technology. Cybercriminals use many types of mobile malware variants and distribution methods to infect mobile devices. They may have one or several objectives, including stealing private data, locking a fleet of corporate devices for demanding money for its release, or charging users fees for services they did not sign up for.
Mobile Malware Attack is Exploding
- Earlier this month in February, researchers at Proofpoint detected a 500% jump in mobile malware delivery attempts in Europe.[*]
- The number of stalkerware attacks on the personal data of mobile device users increased to 67,500 in 2019, almost double the number of attacks the year before.[*]
- Android is the most popular target for attacks. The platform is open to multiple app stores and users can sideload apps from anywhere on the internet. This allows bad actors to compromise Android phones in just a few steps.
Different Types of Mobile Malware
Madware, a portmanteau combining the words mobile and adware, installs a script or program on a mobile phone without the user’s consent. The purpose of madware is to collect data and spam users with ads. There is an element of spyware in which the madware collects data about phone usage and shares it with a third party. This data may include location, passwords, and contacts.
Attackers use mobile ransomware to steal sensitive data from a smartphone or lock a device, demanding payment to return the data to the user or unlock the device. Using social engineering techniques, users are tricked into downloading benign content or critical software. It then shows a fake message accusing users of unlawful activity before encrypting corporate data and locking the device.
Mobile phishing is a popular sub-type of phishing method. For phishing emails, users have the ability to hover over the link to see where it redirects and potentially identify a harmful URL. Mobile phishing, however, uses applications to deliver mobile malware. Users cannot differentiate between a legitimate application or a fake application, making this type of attack effective. Phishing campaigns through SMS and MMS applications have created a sub-category of mobile phishing called smishing.
Viruses and Trojans
Such types of mobile malware often fly under the radar and go undetected by users. They may carry harmless payloads, such as changing language or wallpaper settings. But a majority of them have malicious intent in mind. Bank trojans appear as legitimate applications and look to compromise users who conduct their banking transactions from their mobile devices. Such trojans aim to steal financial details and passwords.
Browsers are inherently designed to interact with other websites and applications. Browser exploits are code that allows attackers to exploit the vulnerabilities in browsers and their related extensions, applications, and third-party plugins. When a vulnerable browser meets a website infected in the previously mentioned ways, attackers take control of the browser and applications associated with it.
How to Protect Against Mobile Malware with Mobile Device Management
Organizations that plan to protect their corporate-owned devices or employee mobile devices under its BYOD policy, can benefit from an MDM-first approach. Besides the threats mentioned above, many other factors compromise the security of mobile devices such as poor passwords or jailbreaking. An effective MDM software can nullify mobile threats by:
- Controlling apps: MDM solutions are designed to help IT teams remotely monitor and control devices, including allowing only enterprise apps and blocking unauthorized apps. Users can be restricted to access safe listed websites as per the organization’s security policies.
- Updating OS: Users exploit OS vulnerabilities to jailbreak their phones and obtain root permissions. Device management allows IT professionals to deploy the latest and most secure OS versions. Some modern MDM platforms also provide alerts for users trying to invade the restrictions with jailbreaking.
- Managing Wi-Fi: Public Wi-Fi and other unsecured networks make it easier for attackers to perform man-in-the-middle and other attacks. Controlling Wi-Fi settings and preventing access to public Wi-Fi networks and ensuring corporate data is accessed using VPN can be achieved via an MDM.
- Enabling remote wipe on all devices: When attackers get physical access to a mobile device, a number of options exist for bypassing a screen lock. Remote data wipe is an MDM security feature that allows IT administrators to protect data from compromise when a device is lost or stolen.
- Setting up a geofence: Most MDM solutions identify lost or missing devices by remotely obtaining the device location. Few modern MDM solutions also enable companies to set virtual boundaries to physical locations. Geofencing restricts device functionality to a particular geographical location and secures corporate data.
To drive a successful mobile malware protection initiative, organizations need solid technology and employee awareness. Mobile device cybersecurity training is essential for teaching users the risks associated with unwise actions such as downloading untrusted apps and visiting unsafe websites. Combining responsible user behavior with a robust MDM solution should prepare companies against potential attacks.