Businesses on alert as mobile malware surges 500%

Researchers say hackers are deploying new tactics that put Android and iOS at equal risk

Researchers have said they observed a 500% increase in mobile malware infections across Europe since the start of February 2022.

The majority of malware was observed on Android devices, with six of the most serious strains targeting Google's operating system compared to just one targeting iOS, according to Proofpoint researchers.

Following an uptick in mobile malware infections back in April 2021, researchers told IT Pro that detections had largely tapered off and remained low until February 2022, although they were unable to pinpoint a reason for the sudden surge.

Proofpoint said most mobile malware is still downloaded via app stores and is especially prevalent on Android devices given the platform’s openness to multiple different app stores.

Side-loading – the practice of allowing apps to be installed via third-party app stores or directly onto the device – is also prohibited on iOS, helping to limit the spread of infections.

However, Proofpoint said it has noticed a distinct rise in attacks using mobile messaging, including SMS-based phishing attacks known as smishing. Because Android supports side-loading, this technique is more effective on that platform than on iOS.

The finding is especially important for businesses that distribute Android-based company devices to their workforce. Many businesses install security measures that prevent access to third-party app stores but smishing may bypass some of these provisions.

“Mobile messaging is a highly trusted communication channel and users are much more apt to read and access links/URLs contained in mobile messages than those in email,” Jacinta Tobin, vice president of Cloudmark operations at Proofpoint, told IT Pro.

“This level of trust combined with the reach of mobile devices in the general public, where nine in ten possess a mobile device, makes mobile messaging a very attractive platform for commercial and marketing activity. This makes the mobile channel ripe for fraud and identity theft both now and in the future through this expansion.”

The most common types of malware found were those that use malicious apps to record phone calls, or those that capture audio from the device outside of phone calls.

Data wipers, which have been especially common in the recent cyber attacks on Ukraine emanating from Russia, were also increasing in popularity.

This differs from the traditional purpose of malware, Proofpoint said, which typically involves gaining access to a system and potentially stealing data or account credentials.

Of the most common malware types, all had a financial impersonation component and all had a credential-stealing function.

For example, the long-feared FluBot malware, which installs an invisible overlay on mobiles that activates when banking apps are used in order to steal login credentials, was found to be one of the most common types of malware affecting Android users in Europe.

TangleBot was first observed in North America but has recently been found in Turkey. It typically spreads via fraudulent package-delivery notifications and may have links to the FluBot campaign. Notably, it is one of the few malware strains that combine financial impersonation with the newer audio-recording thefts.

“In both cases, the malware uses similar distribution methodologies, landing pages, language and SMS lures,” Proofpoint said. “One enticing lure that TangleBot has been known to use is a software update notification.”

Proofpoint said “awareness is critical” when keeping safe online, and more needs to be known about the dangers of mobile malware.

Users, especially those on Android, have been advised to be extra vigilant when reviewing emails and texts, and to consider installing a mobile antivirus app from a trusted source.

“Consumers need to be very sceptical of mobile messages that come from unknown sources,” said Tobin. “And it’s important to never click on links in text messages, no matter how realistic they look.

“If you want to contact the purported vendor sending you a link, do so directly through their website and always manually enter the web address/URL. For offer codes, type them directly into the site as well. It’s also vital that you don’t respond to strange texts or texts from unknown sources. Doing so will often confirm you’re a real person to future scammers.”
