5 min

The Rise of Mobile Malware

It’s no secret that the world is becoming increasingly digital, especially after considering how many devices there are worldwide. Statista estimates that, by 2025, the number of mobile devices will reach around 18.22 billion globally.

Cybercrime - Zachary Amos - 4 July 2022

While mobile devices keep us connected to friends and family, allow us to work on the go, and benefit from the millions of applications available to us, using a smartphone comes with some risks.

Research suggests that mobile malware incidents – a type of cyberattack – are on the rise this year. Let’s explore the topic of mobile malware, types of mobile malware, why more smartphone users are being impacted by it, and some basic tips to protect your smartphone from a mobile malware attack.

What Is Mobile Malware?

As its name suggests, mobile malware is malicious software designed to wreak havoc on mobile devices, such as smartphones and tablets. Mobile malware is becoming an increasingly popular trend within the cybercriminal community.

Research from Proofpoint, a leading cybersecurity company, revealed that mobile malware cases are increasing in Europe this year. In early February, Proofpoint recorded a 500% surge in mobile malware delivery attempts.

The main objective of launching a mobile malware attack is to steal a user’s login credentials to online accounts, banking information, and other sensitive data.

Why Cases of Mobile Malware Cyberattacks Are Increasing

With many businesses around the world adopting remote-work models, more and more professionals rely on their mobile devices to get work done. It can be risky for employees to take work calls on their mobile devices because it can be an easy entry point for cybercriminals.

The remote-work trend is likely contributing to the rising number of mobile malware incidents. However, it’s also commonly understood that smartphones or tablets often have weaker security measures than laptops. While smartphone users can download specific applications with encrypted messaging and phone calls, this security measure alone will not prevent them from experiencing a mobile malware attack.

Proofpoint mentioned in its report that the trend of mobile malware is not new – the company has observed mobile malware cases over the past few years. There are several types of mobile malware circulating in the hacker community and across the globe.

Because mobile malware is more popular among cybercriminals, this type of attack is capable of causing more damage to a mobile device user. Some types of mobile malware can record phone conversations, track a user’s location, or even wipe content and data on a device.

Common Types of Mobile Malware Threats

Many smartphones come equipped with privacy and security features, but no device is completely immune from mobile malware. Ultimately, it’s up to the user to take certain precautions to protect themselves and their data.

Here are some of the common types of mobile malware threats that smartphone and tablet owners should be aware of:

  • Flubot: A sophisticated, worm-like malware that infects a device and spreads to other devices from the infected user’s contact list or address book. It can also access the internet, read and send messages, make voice calls, delete apps, and read notifications.
  • TeaBot: A Trojan malware that steals user credentials and messages and shows the infected device’s screen content to an attacker.
  • TangleBot: A powerful but elusive type of malware that spreads through phoney package delivery notifications or software update notifications.
  • MoqHao: SMS-based malware that can monitor device communications, grant an attack remote access to the device, and has other spying and exfiltration features.
  • BRATA: A type of malware that uses SMS to lure users into downloading a fake security application. Attackers can steal login credentials by inserting app overlays, intercepting multi-factor authentication (MFA) codes, and recording screen activity.
  • TianySpy: A form of malware that spreads when an attacker sends fake messages that appear to come from the mobile network operator.
  • KeepSpy: A type of malware that is sideloaded through a TianySpy mobile malware attack that only affects Android users. It allows attackers to control Wi-Fi settings, insert web overlays, and steal user data.

Understanding the main types of malwares can help smartphone and tablet users protect themselves. If a mobile device user reads this list, there’s a lower chance they’ll become a victim of a mobile malware attack.

Tips to Protect Your Phone From Malware Attacks

With mobile devices vulnerable to mobile malware attacks, what are some steps smartphone users can take to secure their devices and avoid becoming a cybercriminal’s latest victim?

Install Security Applications

Android and Apple users can download various security applications to protect their mobile devices from a potential mobile malware attack. Android users can use popular security apps like Bitdefender, Norton, or Avast. But their real effectiveness remains to be proven.

iPhone or iPad users can download security apps too, including TotalAV, McAfee, or Norton 360. Because smartphone users spend so much time on their phones, whether they’re streaming content, shopping online, or text-messaging friends, it’s critical that some basic security app is installed to offer an extra layer of security.

Be Wary of Messages From Unknown Senders

Most mobile malware infects a device after a user opens up a link or downloads an app in an SMS message. These messages are often sent from unknown sources, which should be a red flag for smartphone users.

Any messages from senders outside of your contacts should be considered suspicious until you can prove the identity of the person who sent the message. Never click on any links, photos, or other types of content within a suspicious message, as this could lead to further issues with mobile malware.

Never Download Third-Party Apps

Android users can download apps from various sources, whereas Apple users can only download apps from the iOS App Store. Some Apple users can download apps from third parties if they’ve jailbroken their iPhone, but Apple does not recommend jailbreaking your iPhone due to security concerns.

Either way, it’s highly recommended that smartphone users never add apps from unverified third-party developers to their phones, as they could be riddled with malicious code.

Report Suspicious Messages

The National Cyber Security Centre allows smartphone users to report suspicious messages for free. U.K. smartphone users can forward the suspicious message to 7726 and the smartphone provider will investigate the message and who sent it.

While smartphone users are becoming more digitally literate, it’s still possible for them to fall victim to a mobile malware attack. Using these tips will help protect anyone using a smartphone daily.

Avoid Mobile Malware Attacks

Cybersecurity regarding smartphones is not widely discussed, but it can become a serious issue for smartphone users and their personal data.

In addition to the specific tips above for protecting your mobile device, implementing basic cyber hygiene is a great first line of defense. Always remember the following:

  • Update all apps and operating systems in a timely fashion
  • Make frequent backups of important data
  • Change passwords regularly
  • Use multifactor authentication

No one wants their data to be stolen or their online accounts to be hacked. By implementing secure safeguards against malware and following basic cyber hygiene, you can increase your chances of keeping your smartphone secure and preventing a mobile malware attack from impacting you.

Send this to a friend