Mobile threats increased during first half of 2011

“As mobile devices grow in popularity, so do the incentives for attackers,” explains Kevin Mahaffey, CTO and co-founder of Lookout Mobile Security. “We’ve seen the prevalence and the level of sophistication of mobile malware attacks evolve significantly in the first six months of 2011. We expect this trend to continue as more and more people adopt mobile devices.”

Lookout Mobile Security, a leader in mobile security, has released the results of its Mobile Threat Report for the first half of 2011. Based on data collected from more than 700,000 apps and 10 million devices worldwide, the Mobile Threat Report findings indicate that mobile malware has increased significantly. Lookout estimates that between .5 million and 1 million users have been affected by mobile malware already this year. In addition, web-based threats, which operate across platforms, have emerged as a significant threat as well. Thirty percent (three out of every ten) mobile users are likely to click on an unsafe link, including malicious and phishing links over the course of a year.

cell phone handAmong the top mobile threats emerging during the first six months of 2011 are:

Theft by charging premium text message rates. The first known Android malware specifically targeting Android users in the U.S. is GGtracker which was first discovered in June 2011. This malware signs users up for premium text message subscription without a users knowledge or permission. Then, adding injury to insult, the subscription charges $10 per service to a person’s phone bill. In some cases Lookout reports users were charged for multiple services with total charges of up to $50.

New malware distribution methods. Malware developers discovered new means of distributing their pernicious programs during the first half of 2011. Lookout reports that attackers repackage legitimate applications with malware, creating Trojan apps which appear legitimate but are actually malicious. These malware apps in legitimate clothes are then posted to app stores and download sites.  The first Update Attack in which a developer publishes a legitimate application with no malware, however, once a user base has been established the developer publishes an update to the application that does include malware. Malvertising is another popular distribution method for malware. Malvertising uses mobile ads to direct users to a malicious website that triggers an automatic download of malware.

The number of unique apps containing malware found on markets and download sites during the first six months of 2011 grew to 400 from just 80 in 2010. DroidDream and GGTracker, two of the year’s most  prevalent threats were regularly published in new apps between January and June. In fact, Android uses are now 2.5 times as likely to encounter malware compared to just six months ago.