Mobile devices are increasingly becoming targets for cyber attackers, as they exploit vulnerabilities in built-in application services and execute more SMS phishing attacks. This trend is highlighted in Zimperium’s 2023 “Global Mobile Threat Report,” which reveals a 51% growth in the average number of unique mobile malware samples in 2022. This translates to approximately 77,000 unique malware samples being discovered every month. Furthermore, the report indicates that around 23% of Android apps and 24% of iOS apps submitted to public repositories were found to be malicious.
The rise in attacks on mobile devices has led to a significant increase in compromised devices, with a staggering 187% jump during the specified time period. The effectiveness of these tactics is evident from Zimperium’s observation that on average, each device had four successful clicks on malicious phishing links.
This surge in attacks comes as businesses and their employees increasingly rely on mobile devices. According to the 2022 “Verizon Mobile Security Index” report, 58% of companies reported an increase in the number of workers using mobile devices for business purposes compared to the previous year. Additionally, 59% of users reported conducting more work on their mobile devices.
JT Keating, Senior Vice President of Strategic Initiatives at Zimperium, emphasizes the importance of addressing mobile phishing and spyware threats, while also warning of the growing threat of mobile ransomware in the near future. Keating’s statement underlines the need for businesses and users to remain vigilant and prioritize mobile security.
The report also highlights the varying levels of cyber threats faced by Android and iOS devices. Approximately 80% of phishing sites target mobile devices, with content tailored specifically for these platforms. However, Android devices face a higher volume of threats compared to iOS devices. One explanation for this discrepancy is that Android has a higher number of disclosed vulnerabilities that can be exploited by threat actors. Over the past eight years, the Android operating system has disclosed an average of 500 to 900 vulnerabilities annually, while iOS has disclosed just over 300 vulnerabilities in five of the last eight years.
The report also cites app development errors as a contributing factor to the increased targeting of Android devices. Android apps, particularly those that interact with cloud storage instances, have a higher number of development mistakes compared to iOS apps. Approximately 10% of Android apps access unprotected cloud instances, including those provided by Google Firebase, Cloud Platform, Amazon Simple Storage Service (S3), and Microsoft Azure Cloud Storage. In contrast, only 2% of iOS applications exhibit the same behavior. Zimperium’s report highlights that 60% of applications at risk access the same 1% of unprotected cloud instances.
While Android faces more general threats, the report acknowledges that both Android and iOS are susceptible to top-notch espionage spyware. Kaspersky’s Georgy Kucherin notes that Android devices are more likely to become infected with malware distributed by cybercriminals. Additionally, the recent Triangulation cyber espionage campaign showcased the value in targeting the iOS platform.
One reason for the decreased number of attacks on the latest version of iOS is the lack of jailbreaking utilities. Jailbreaking allows users to install unauthorized software, but it also removes crucial security measures.
Although there has been a decline in mobile malware installers and ransomware, Kaspersky’s “The Mobile Malware Threat Landscape in 2022” report highlights an increase in banking Trojans. Cybercriminals continually improve malware functionality and spread vectors. They now utilize legitimate channels, such as official marketplaces and popular app ads, to distribute malware, including dangerous mobile banking malware and scam apps.
When considering the overall threat landscape, it is important to note that traditional computing platforms still attract the majority of cybercrime. Kaspersky reports blocking over 20 million malicious installers, spyware, and adware attacks on mobile devices in the past year. However, the number of attacks on more commonly used platforms like Windows was more than 20 times higher. Nonetheless, the mobile threat vector remains inadequately protected.
Zimperium’s Keating emphasizes the urgent need for enterprises to address the security risks associated with mobile devices. Whether corporate-owned or part of a bring-your-own-device (BYOD) strategy, implementing appropriate security controls and educating end-users about potential threats is essential.
As cyber attackers increasingly target mobile devices, organizations and individuals need to prioritize mobile security measures. By staying vigilant and implementing robust security controls, businesses and users can protect themselves against the growing threat landscape.