Mobile malware grows by 614 percent in last year

The rate of mobile malware is higher than ever and the operating system of choice is Android, which receives 92 percent of all detected threats, a new report by Juniper shows.

Dara Kerr Former senior reporter
Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.
Dara Kerr
3 min read
A snapshot from the third annual Mobile Threats Report from Juniper Networks. Juniper Networks

Mobile malware creators and smartphone makers seem to be in a neck-and-neck software race, but new data shows that the malware creators could be taking the lead.

Juniper Networks released its third annual Mobile Threat Report on Tuesday and the findings aren't pretty. Mobile malware grew at a rate of 614 percent from March 2012 to March 2013 -- that's equal to 276,259 malicious apps floating around out there. Last year, the increase was a mere 155 percent.

The report is based on an analysis of more than 1.85 million mobile apps and vulnerabilities across major mobile operating systems.

As operating systems are exploited at a growing rate, Juniper says it's clear that cybercriminals are becoming more entrepreneurial, savvy, and calculated. Rather than trying to crack into every system, they tend to go after the most popular: Android.

Worldwide, Android dominates nearly 60 percent of the smartphone market share, according to analyst firm Canalys; for comparison Apple has slightly more than 19 percent and Microsoft has 18 percent. According to Juniper, 92 percent of all detected mobile malware is targeted specifically at Android.

The majority of Android users haven't updated their devices to the newest version, which is another reason why cybercriminals prefer the operating system. As of this month, only 4 percent of Android users were running the latest OS, according to Juniper. As users remain on older versions, like Ice Cream Sandwich and Gingerbread, they miss out on new security updates from Google.

This isn't to say that other operating systems aren't vulnerable, however. Juniper warns that all operating systems can be exploited, including Apple's iOS.

"Theoretical exploits for iOS have been demonstrated, as well as methods for sneaking malicious applications onto the iOS App store. But cyber criminals have by and large avoided Apple's products in favor of the greener pastures offered by Google Android," Juniper's report reads. "This does not mean that iOS is more secure than Android."

The majority of malware attacks come to users via SMS Trojans, which trick users into sending text messages to numbers set up by cybercriminals. Forty-eight percent of the attacks are from these SMS Trojans, 29 percent are via fake installs, and 19 percent come from Trojan Spy malware.

The apps that are most mimicked by cybercriminals are Google Play, Skype, Adobe Flash, and Angry Birds. Recently, even a malicious "Bad Pigs" app was found masquerading as the popular Bad Piggies game on Google Play.

To lower the risk of mobile malware infection, users should avoid buying apps from third-party app stores, update mobile operating systems to the most current version, and don't allow apps to access to private and personal information stored on devices.

"There's no doubt mobility will continue to be a pervasive and disruptive force across every industry. We have found that it has created an easy business opportunity for malware developers who are becoming savvy in their approach to quickly turn profits in a rapidly growing market," Juniper Networks Mobile Threat Center director Troy Vennon said in a statement. "We anticipate that similar to the evolution of PC-based threats, mobile attacks will continue to increase and become more sophisticated in the coming years."