Which mobile OS is most hit by malware?

As most mobile phone users still don’t have a mobile AV solution installed on their devices, it can be rather hard to gauge just how many of them have been hit by mobile malware.

But, mobile phones often get synched with the users’ computers. Also, users often use their computers to search for mobile apps on third-party application markets and file-sharing sites, so mobile malware occasionally does end up on their desktop/laptop computers, and gets detected by AV software.

And this is precisely how Microsoft researchers manage to get an idea of just what kind of malware attacks the various mobile operating systems.

So far, it seems that users with Symbian-running devices are getting hit with a disproportionately bigger number of threats than those targeting other operating systems. During August, Microsoft detected around 42,000 of them.

“In the past, the main intent of Symbian-specific malware was to spread via Bluetooth and SMS (by distributing a URL leading to a copy of the malware), or to overwrite the mobile device’s system files, rendering the device unusable. However, malware on this platform seems to be evolving,” shares Microsoft’s Marianne Mallen, and says that Zeus-in-the-mobile (“ZItmo”) and SpyEye-in-the-mobile (“Spitmo”) are the most recently detected and arguably the most dangerous for the user.

The Java ME platform takes second place, with nearly 24,000 threats detected in August, mostly apps sending text messages to premium rate numbers.

When it comes to Android malware, the numbers are rather low when compared to those for the previous two platforms (around 2,800 hits in August), but have been steadily rising since February. It also must be mentioned that much of the malware targeting Android uses privilege-escalation exploits in order to install itself or additional components on the device without having to ask the user for permission.

At the end of the list are iOS and RIM. No new threats for Apple’s mobile os have been discovered this year, and the total number of threats detected in August was around 590. RIM brings up the rear with only 5 malicious apps detected during that month, and can boast of only one completely new threat springing up for it this year: Zitmo.

Mallen’s advice to mobile users is to scan applications downloaded whenever possible, even when it’s already on a mobile device.

“Users often search from their desktops for unlocked or full versions of mobile applications already available in the official market, but they may be unaware that the software they are getting may be an application that has been repackaged with malware that can run stealthily without the user being made aware of the underlying payload,” she points out. “The payload can include data-theft, silent SMS-sending in the background, and downloading and installing of other malware components, among other things. This malware (or links to it) could also be spammed or sent through mail, using social engineering to entice the user to download a copy of the malware on to the desktop.”