05:00 PM
Connect Directly

Ransomware Ranked Number One Mobile Malware Threat

Blue Coat report shows cyber blackmail has ported to mobile devices.

The ping pong debate over whether mobile devices have developed into a truly mainstream cyberattack vector gained a little fodder today with a new report out from Blue Coat that claims an uptick in the number of mobile ransomware attacks in 2015.

"As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect, as evidenced by the types of malware and attacks we're seeing," said Dr. Hugh Thompson, CTO and senior vice president for Blue Coat.

The firm reported that mobile ransomware leads the attack types on the mobile front, followed by potentially unwanted software (PUS), and information leakage.

“With the increased performance capabilities of modern smartphones, it was only a matter of time before more advanced cryptographic ransomware, such as SimpleLocker, started showing up on mobile devices,” the report said, explaining that the techniques mirror the behaviors of ransomware proliferating in PC environments.

This report comes close on the heels of a report earlier this month by IDG and Lookout that claims 74 percent of businesses report having experienced a breach as a result of a mobile issue—be it vulnerable apps, malware hidden in apps, insecure WiFi, or apps prone to information leakage.  

According to BlueCoat, the top infection vector this year has by far been pornography, accounting for 36 percent of malicious traffic coming from devices examined by the firm. On the bright side, malvertising attacks against mobile targets appear to be on the decline, dropping by 20 percent in the past year.

Despite growing concern about the potential for disaster should cyber attackers choose to target the mobile ecosystem—particularly as mobile payment goes mainstream—many experts say it's still a tempest in a teapot. Researchers at Damballa earlier this year calculated that based on a study of half of all US mobile traffic, users were 1.3 times more likely to get struck by lightning than be infected by mobile malware. And the experts behind Verizon’s Data Breach Investigation Report at Verizon Enterprise Solutions flat out refute that 74 percent occurrence rate for mobile-related breaches.

Blue Coat does acknowledge Verizon’s thoughts on the matter explaining in the report that “the sky is not falling—but putting on a helmet is a good idea.”


Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
11/2/2015 | 3:30:39 AM
Re: Mobile OS
74% wow thats pretty huge. The amount of advances in Mobile Malware lately is astounding. Really should be a Red Flag to anyone with a mobile to get some security for your phone. In other words het yourself a helmet folks! :)



User Rank: Apprentice
10/30/2015 | 12:40:34 PM
Following the Money
Thank you for pointing me to the Mobile Malware Report.  As more people move to their phones for making payments, the number of attacks on mobile will only increase.
User Rank: Ninja
10/29/2015 | 2:20:52 PM
Mobile OS
Statistically for mobile malware specific to ransomware for this article, what OS was hit harder (iOS or Android)?
Register for Dark Reading Newsletters
White Papers
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
According to industry estimates, about a million new IT security jobs will be created in the next two years but there aren't enough skilled professionals to fill them. On top of that, there isn't necessarily a clear path to a career in security. Dark Reading Executive Editor Kelly Jackson Higgins hosts guests Carson Sweet, co-founder and CTO of CloudPassage, which published a shocking study of the security gap in top US undergrad computer science programs, and Rodney Petersen, head of NIST's new National Initiative for Cybersecurity Education.