2012 mobile malware predictions

UK: Lookout Mobile Security, the global leader in mobile security, unveiled its 2012 Mobile Malware Predictions, based on data collected from its Mobile Threat Network, which includes more than one million apps and 15 million user devices worldwide.

Mobile threats are on the rise — Lookout estimates that mobile threats successfully stole more than one million dollars from Android users in 2011. In 2012, Lookout predicts that the criminal business of malware will be more profitable than ever before as the possibility of monetising mobile devices grows and the cost of infecting devices lessens.

In the report, Lookout reveals that the annual likelihood of an Android user encountering malware today has increased to 4 percent up from a 1 percent likelihood measured at the beginning of 2011. Web-based mobile threats are also an important component of Lookout’s research, and the company found Android users worldwide have a 36 percent chance of clicking on an unsafe link in 2011. Additionally in the report, Lookout anticipates the methods that would-be thieves will use to target mobile users directly and discusses tips for consumers to protect themselves.

“2011 was a watershed year in terms of the types threats we saw emerging. Threats had greater sophistication and were deployed using more innovative and efficient distribution methods,” said Kevin Mahaffey, co-founder and CTO at Lookout. “In 2012, we expect to see the mobile malware business turn profitable. What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

Mobile malware monetisation trends
Mobile Pickpocketing (SMS/call fraud): In 2012, Malware writers will continue to steal money directly from consumers by accessing their mobile devices’ ability to charge phone bills via SMS billing and phone calls. Earlier this year, Lookout identified GGTracker, the first mobile malware that steals money from users in the US and earlier this week Lookout identified another Android Trojan, RuFraud, targeting Eastern European users.

Botnets: To date, Lookout notes botnet networks have yet to be used at scale. In 2012, Lookout anticipates malware writers could secretly integrate thousands of mobile devices into extensive botnet-like networks to distribute spam, steal private info, and install other malware. DroidDream and Geimini are examples of botnets.

Vulnerable Phones: Due to the difficulty of updating software and patching vulnerabilities on mobile phones, malware writers will continue to exploit iOS and Android OS at a pace greater than vulnerabilities can be resolved.

Mobile malware distribution trends
Automated Repackaging: Malware writers will develop tools that enable the automatic repackaging of malicious applications. Lookout has seen instances where several infected apps were packaged by the same developer within a matter of seconds — quicker than someone could do manually — so the means for automated repackaging may already be in existence.

Browser Attacks: As with PC-based threats in the past, malware writers will attempt to profit via Web-based distribution like email, text messages and fraudulent websites. Even iOS devices have been targeted by websites designed to jailbreak them. In 2012, Lookout expects a continued increase in mobile phishing and messages linked to websites that automatically install malware.

Malvertising: Instances of malvertising (genuine-looking advertisements that link back to fraudulent sites) will continue to increase. Given this method has been successful with Trojans like GGTracker, we expect other malware writers to try similar distribution tactics.