Malware delivered through adverts is putting mobile users at risk and has overtaken pornography as the highest volume delivery channel of mobile malware, says Blue Coat security labs.
The threat of malware delivered through ads, known as malvertising, has tripled in size from 2013, according to the security firm’s 2014 Mobile Malware Report.
However, the report warns that pornography is still the most potent distribution channel, accounting for 16% of infections despite representing less than 1% of all requested content.
In comparison, users are being served far more web adverts (12% of requested content), with only a slightly higher rate of infection at 20%.
Recreation categories in the form of mobile entertainment and games account for 11.74% of all content requested by mobile users.
The huge success of mobile games make it a prime target for cyber criminals looking for popular watering holes to exploit unsuspecting consumers.
The report notes that the Blue Coat Security Lab has yet to see the types of malware that fundamentally break the security model of the phone.
The most prolific mobile threats are spam, poisoned links on social networking sites and rogue apps.
“The social engineering nature of these threats means user behavior is key in identifying where attacks might occur and understanding how attacks may evolve,” the report said.
More on mobile malware
- Chinese mobile underground shows need for security, says report
- Video: Mobile phone users prone to SMS mobile malware
- Junipers' Mobile Threats Report: Mobile malware attacks grew over 600%
- Mobile malware up 163% in 2012, says NQ Mobile
- Android mobile malware rebounds in Q2, reports McAfee
- Mobile malware and social malware: Nipping new threats in the bud
- Mobile malware on the rise
- Mobile security model flawed, says Mobile Helix
- Rapid malware growth for smartphones, reports G Data
- Obad.a analysis: Is malware on Android devices now equal to Windows?
The report points out that the various mobile malware Trojans capable of data theft are able to operate over either the mobile phone network or any connected Wi-Fi network.
But when these applications transmit their information over mobile phone networks, they present a large information gap that is difficult to overcome in a corporate environment.
The report also concedes that it is difficult to argue that the market for mobile computing is overtaking the traditional PC market, which includes desktops and laptops.
The research shows that at the end of 2013, just 6% of the global population owned a tablet while 22% owned smartphones.
“Given the proliferation of the devices and the roughly 1.5 billion new ways to steal data, passwords or money, it is, perhaps, surprising that the mobile malware problem is not more widespread,” the report said.
Blue Coat researchers ascribe this in part to the lack of a cohesive underground economy in comparison with the robust mass market PC malware has developed into a robust underground economy.
In the mobile world, for example, there is nothing resembling the same type of well-developed exploit kit economy.
This means there are no readily available exploit kits where the vulnerabilities have been commoditised and made easier to use as there is in the Windows world.
As a result, mobile devices still remain largely free of the drive-by downloads that surreptitiously install malware without the user ever knowing.
Blue Coat predicts that mobile malware will continue to present a threat to users in the corporate and home environment.
The makers of mobile phone operating systems would do well to help users better manage how, when, and with whom mobile applications can communicate with the outside world, the report said.