Taking a year-on-year view, malware engineered for the Google Android mobile platform rose most significantly, with a four-fold increase in the number of exploits identified throughout 2010 – although the total number of Android exploits is still at a low level relative to older platforms. The sharp rise comes as cyber criminals shift their focus towards those technologies and platforms that are likely to see the most widespread adoption in coming years. Such viruses put mobile subscribers at risk of monetary, privacy or data loss, often before the user even realises there is a problem. Smartphones running Java-based applications saw the second highest increase in malware reports, up 45 per cent on 2009. Reported exploits aimed at the iPhone declined, whilst new Symbian malware also fell by 11 per cent. WinCE-based viruses rose by seven per cent.
“With the increasing pervasiveness of Smartphone devices, 2010 has undoubtedly been the year that fraudsters have truly turned their attention to mobile platforms,” says Gareth Maclachlan, Chief Operating Officer, AdaptiveMobile. “The vast majority of consumers are acutely aware of the threats that PC-based viruses, spam messages and phishing emails pose, but many are still unaware of the risks associated with their mobile devices.
“With Smartphone penetration reported to reach 37 per cent in Europe and 44 per cent in the US by 2012,* we predict that the number of threats targeted at unsuspecting mobile users will continue to increase at an exponential rate throughout the course of 2011. Even more significantly, the nature of the threats we are seeing will increase in sophistication. Whereas the majority of existing threats target either SMS, voice, email or web, the next year will see the emergence of the ‘compound threat’ – intelligent scams designed to exploit multiple phone capabilities in order to reap maximum reward for the criminals, before the user even realises they have become a victim.”
Mclachlan concludes; “This trend towards more sophisticated attacks is set to shake up the telecoms and security markets as traditional approaches to protecting subscribers can simply no longer provide adequate protection. As these compound threats continue to emerge, so does the need for an intelligent approach to mobile security - keeping the industry one step ahead of the criminals to ensure that such threats do not reach mobile users in the first place.”