Mobile malware has become a profitable industry

Lookout released its State of Mobile Security Report 2012 which explains the issues that individuals faced on mobile devices this year and explores the prominent trends in mobile threats.

Mobile malware has now become a profitable industry. Because of its global ubiquity as a phone payment mechanism, premium text billing is the most common tactic used by malware writers to commit financial fraud on mobile. This class of malware, termed “Toll Fraud,” has become the most prevalent type of malware within the past year. Just one family of Toll Fraud malware, FakeInst, accounted for 82 percent of Lookout user detections in June 2012 and is estimated to have successfully stolen millions of dollars from people in Russia, the Middle East, and parts of Europe.

Mobile privacy is a growing issue. Privacy is one of the biggest issues people face on mobile devices. In 2012, a significant portion of privacy problems arose from aggressive advertising techniques, including pushing out-of-app ads and accessing personally identifiable information without user notification. Lookout estimates that five percent of Android applications include these aggressive ad networks and these apps have been downloaded more than 80 million times.

Geography and user behavior are main drivers for encountering threats. People in Russia, Ukraine and China have a significantly higher likelihood of encountering malware than elsewhere. User behavior is the other leading factor; people who download apps outside of a trusted source, like Google Play, have a higher chance of encountering malware.

Visiting unsafe links from a mobile device is one of the most common ways people encounter mobile threats. Web-based threats like phishing are often able to target both traditional PC users and mobile users equally, making these schemes easy for malware writers to produce and replicate. Lookout’s detected that four out of ten mobile users click on an unsafe link over the course of a year.

Gaming the app ecosystem. Lookout observed malware designed to enable shady app promoters to conduct download fraud. These malware families primarily affected users in China. In the past year, Lookout discovered malware capable of automatically downloading apps from alternative app market sources without the user’s knowledge, rooting the phone to download additional apps without warning, or installing third-party app stores.

“Trust is one of the most important factors influencing whether people will continue to use mobile devices to their full potential,” said Kevin Mahaffey, CTO of Lookout. “As smartphones and tablets have come to house our personal data, access financial information, and power practically all of our communications, there are more incentives for attackers to strike. Our mission is to identify and solve emerging threats so people around the world can continue to trust their mobile devices.”