While the Android OS had the highest number of threats discovered, Apple's iOS has the highest number of vulnerabilities.
This was one of the biggest takeaways from the 2013 Symantec Internet Security Threat Report released this week in Dublin. According to Symantec, there were a total of 387 vulnerabilities discovered on the iOS platform in 2012, while Android had 13. BlackBerry and Windows Mobile had just two. However, in terms of actual threats, iOS had just one; while Android had 103; Symbian had three and Windows one.
Android has a 72% market share, with iOS a distant second at 14%, according to Gartner. In the last year, there has been an increase in mobile malware, says the security software vendor, adding that this correlates with increasing numbers of Internet-connected mobile devices.
Presenting the findings of the report, Bulent Teksoz, Symantec's chief security strategist for emerging markets, said as a result of its market share and more open development environment, Android is the main target for mobile threats. "Typically, people use phones to store personal information and contact information and increasingly they have high-speed Internet connections. The smartphone has become a powerful computer in its own right, and this makes these attractive devices to criminals," said Teksoz.
"They also have the added advantage of being tied to a payment system - the owner's phone contract - which means that they offer additional ways for criminals to siphon off money from the victim."
Malicious apps
Teksoz also pointed out that apps with malicious intentions can present serious risks to mobile device users. He explained that the most common malicious mobile apps intend to collect of data from the compromised device. "This was typically done with the intent to carry out further malicious activities, in much the way an information-stealing Trojan might. This includes both device- and user-specific data, ranging from configuration data to banking details."
According to Teksoz, this information can be used in a number of ways, but for the most part, it is fairly innocuous with IMEI and IMSI numbers taken by attackers as a way to uniquely identify a device. "More concerning is data gathered about the device software, such as OS version or applications installed, to carry out further attacks, say by exploiting a software vulnerability. Rarer, but of greatest concern is when user-specific data, such as banking details, is gathered in an attempt to make unauthorised transactions."
He also pointed out that the next most common purpose was to track a user's personal behaviour and actions. These criminals use the data specifically to spy on the individual using the phone, he explained.
"This is done by gathering up various communication data, such as SMS messages and phone call logs, and sending them to another computer or device. In some instances, they may even record phone calls. In other cases, these risks track GPS coordinates, essentially keeping tabs on the location of the device, and their user, at any given time. Gathering pictures taken with the phone also falls into this category."
The third-largest group of risky apps is those that send out content, said Teksoz, noting that these risks are different from the first two categories because their direct intent is to make money for the attacker. Most of these risks will send a text message to a premium SMS number, ultimately appearing on the mobile bill of the device's owner, he said.
"Also within this category are risks that can be used as e-mail spam relays, controlled by the attackers and sending unwanted emails from addresses registered to the device. One threat in this category constantly sent HTTP requests in the hopes of bumping certain pages within search rankings."
Share