Mobile Malware: Are You a Moving Target?


According to data from the PewResearch Internet Project, nearly 60 percent of American adults own a smartphone. These numbers are only increasing — BGR notes that Apple is already closing in on 21 million iPhone 6 sales in just two weeks.

But with such speedy adoption comes a new threat: mobile malware. PCWorld reports a “huge spike” in malicious attacks on mobile devices — are you at risk?

Why Mobile Malware?

Historically, desktops and laptops were the targets of choice for attackers. The sheer number used by corporations for storing everything from financial data to personally identifiable information (PII) made attacks profitable and successful, since it was impossible to defend every access point.

Increasing use of mobile devices, however, has prompted a shift in hacker mentality. Business users now carry tablets for on-the-go meetings and CEOs use smartphones to check market data. Consumers are also changing the way they use mobile devices; as apps become more sophisticated and the cloud more secure, we’re willing to trust banking, credit card data and other personal information to iPhones, Androids, Blackberries and Windows-based devices.

The result? An ideal attack market: millions of phones and tablets, all without the benefit of “typical” desktop security. It’s no wonder, then, that security firm McAfee reported a 197 percent increase of mobile malware between 2012 and 2013 — everything from malicious apps that can lock down your data to code that can take control of your device.

Who’s at Risk from Mobile Malware?

By far, the largest number of mobile malware infections happen on Android devices. In fact, they account for over 98 percent of all malware detected, according to Kaspersky Lab. In part, the operating system’s popularity is to blame — Android owns over 85 percent of the market worldwide — but the open-source nature of the software also plays a role. While iPhone and Windows users are permitted some control over the inner workings of their phone OS, Android users are able to customize almost any feature using a wide variety of third-party apps that may or may not be secure, and which may also contain malware. The same kind of control can be achieved by “jailbreaking” an iPhone or iPad, and comes with similar risks.

What’s The Worst That Can Happen?

It all starts with apps. Applications — even seemingly legitimate ones — may contain malicious code; once on your device, the code executes and you’re at risk. There are several common types:

  • Spyware/Adware: This malware installs on your device and then reports data such as location, messaging habits, phone or tablet IMEI or product ID to a third party.
  • Trojans: These programs masquerade as legitimate apps and then execute in the background, even if the application isn’t running. They can hijack your browser to capture banking data or your messaging app to send costly texts.
  • Viruses: Along with infection via application, you could also pickup a virus by clicking on an email attachment or embedded link. Worst case scenario? The virus takes over your phone, gains access to everything on it and then sends out emails to corrupt other devices.
  • Bots: These tiny programs lie in wait for certain processes to execute and then become active. For example, entering credit card data might “wake up” the bot, which steals the information and texts it to a botmaster.

Get Protection

Protecting yourself from mobile malware starts with app awareness. Never install any application you don’t fully trust, and don’t use “unofficial” app stores. If you are using something off-market, do some research on the vendor. And when installing an app, consider what kind of permissions it wants — does it really need access to your camera or text message history?

It’s also worth considering the value of anonymity and encryption offered by ExpressVPN’s virtual private network technology. Many mobile attacks succeed thanks to social engineering — attackers learn what you’re doing online and then create unique phishing emails. Our completely secure, IP-masked solution means your Internet habits stay confidential. What’s more, our 256-bit encryption keeps your data secure no matter what applications you’re using.

Mobile malware is on the rise. Don’t be a moving target: download only trusted apps, restrict permissions and get protected with a secure VPN.