There is no denying that mobile phones have long been established as the most popular personal electronics devices. As of 2021, the number of mobile device users in the world is 5.3 billion. This number translates to slightly over 67% of the world’s population possessing a mobile device. What does that bring along? The amount of malware developed to attack mobile devices has expanded significantly. The annual change in the number of unique mobile device subscribers is equal to 1.9% or 97 million new users. We are face to face with real disaster – since the size of a target audience increases, the volume of malware attacks will see a negative upward trend, too. Stay educated and learn how to protect yourself against mobile malware.

Mobile malware explained

Malware includes any type of malicious software, including viruses. It is designed to perform harmful functions on computers and networks. Malware is used for many reasons, ranging from tricking a user into providing personal data for identity theft, stealing consumer credit card data, or executing denial-of-service attacks against other networks. Some of the most common malware types include worms, spyware, adware, and trojans. Do not think that malware is only developed for traditional desktop platforms, that it also targets mobile devices.

4 major infection vectors of mobile malware

We discuss below the four most common ways that your mobile devices can get infected with malware.

1. App store distribution

Distributing malware through apps and downloads is known to be the most common method criminals use to lure in their victims. Trojans are uploaded to app stores in large numbers to benefit from the volume distribution in much the exact way that spammers rely on a low volume of respondents from the millions of emails they send in each attempt. Criminals usually use popular and trending apps for greater user consideration. Some of these campaigns can lead to hundreds of thousands of installs. The bad news is that Trojan-injected apps are identical to the originals, with only minor variations of the legit developer’s credentials.

2. Phishing-driven distribution

Mobile phishing is nothing new. A popular method for pressurising users into downloading malicious apps is to send them links to Android Package Kit (APK) files hosted on actor-controlled websites, normally achieved via either SMS or email spam messages delivered to large groups of users. Among Android users, APK files are so popular. Nevertheless, not all of them must be trusted, as some APK files may contain a malicious piece of code. Once downloaded, it can threaten your device’s security and result in the theft of personal data.

3. Compromised websites

The spreading of mobile malware can also be executed through the compromise of a legit website that is later used to host a malicious app. Simply speaking, a compromised website is a site that attempts to install malware onto your mobile device. There are different types of website malware, such as conditional redirects, malicious JavaScript, and SEO spam. This approach lends an extra layer of legitimacy to the campaign, as potential victims are not likely to think that a known website is trying to compromise their mobile security. In 2020, over 268.000 “never-before-seen” malware variants were detected by SonicWall. Sounds disturbing, right?

4. Software exploitation

There are limited circumstances where an intruder may procure remote exploits for typical software installed on target devices, and then use them to set up their payloads without user interaction. Do you remember the disclosure of a vulnerability in the WhatsApp application in 2019? It allowed attackers to obtain remote code execution on target devices through a specially built series of secure real-time transport protocol packets. In fact, exploits of this class are relatively rare. However, their existence shows that even strong adherence to not installing untrusted applications may not be sufficient to prevent compromise for certain types of targets.

Deployment motivations of mobile malware

Unquestionably, money is a huge motivation for many types of criminals. According to Verizon’s 2020 Data Breach Investigations Report, 86% of the data breaches were financially motivated. So, financial gain is what motivates malware developers most often. Because of the rapid growth of mobile banking applications, mobile devices have become a valuable target for criminals.

Another deployment motivation is to gather intelligence. The installation of mobile malware provides access to a large amount of victim data that includes contact information, message contents, audio data, and geographic location. This information could mean substantial value to a number of bad actors who seek to gain data on a target over a period of time.

How to protect your mobile device against malware?

We have recently spoken with Christian Wojner (See his Linkedin profile here) to ask for his expert advice on how to protect your mobile device against malware attacks. Christian is a Senior IT-Security and Malware Analyst. He said that: “Malware on mobile devices can usually be traced back to some unthoughtful user activity. There are only very few cases where malware infections can be attributed to remote activators or drive-by. Hence, there is a lot of DOs and DON’Ts, users should be aware of to be able to act properly and prevent their devices from getting infected by malware.”

He adds: “Keep your device updated! Updates are key to keep your device as secure as possible. This applies to both the operating system of your device and the apps you have installed on it. Be aware that devices will eventually get out of date and will therefore no longer receive according to security updates. As a matter of fact, they will become more and more vulnerable from this moment on. Never ever root or jailbreak your device!

People do this because they want to install an app from an unofficial store, or if they want to have special functionalities which otherwise would not be available. However, one has to be aware that this renders the device vulnerable to a multitude of attacks that would previously have failed. Only install apps from official stores! Apps in official stores are checked for maliciousness, which reduces the risk of accidental malware infections to a minimum. If you can’t find a particular app in an official store, chances are that it just did not make it in due to those checks, or it was deliberately kept off the store by its developer for some reason. However, the mentioned checks, albeit of their high quality, are by no means perfect, so that malware sometimes makes it into an official store.”

Christian concludes that: “If “something” – an e-mail, a message, a pop-up on a website, a Facebook advertisement, … – try to convince you to install an app on your device, think twice! Do you need that app? If so, take the time to read the app’s reviews and do some research on the web for information on it. Delete apps you do not need. Every app that you install on your device increases its potential for vulnerability. This is especially true when apps become obsolete and are not supported anymore. Be critical when granting permissions to apps. Think twice if the app you just installed, really needs all of its requested permissions. If some of the latter just doesn’t make any sense in terms of the app’s purpose, take the time to read the app’s reviews and do some research on the web for information on it. If you are still not sure, delete it and try another one that fits your needs.“

Final thoughts on mobile malware protection

Mobile malware is real. It is typically used to steal information that can be monetised like login credentials and bank account numbers, and also intellectual property like financial algorithms and trade secrets. Stay vigilant and consider the advice provided by the expert above in order to protect yourself from mobile malware.