80 Percent of Mobile Malware Now Strikes Windows PCs -- Redmondmag.com

The Schwartz Report

80 Percent of Mobile Malware Now Strikes Windows PCs

Windows PCs are now the source of 80 percent of all mobile malware, according to a report released last week. That may offer little consolation if you're an iPhone or iPad user that has just learned about a malware program called XcodeGhost, a corrupted version of Apple's Xcode language that was embedded in a slew of apps, most notably the popular WeChat, representing the first time an exploit has gotten into the Apple Store.

The rise in spyware and continued attacks on Windows PCs, as well as continued rise in vulnerabilities in Android, are the latest findings from Alcatel-Lucent's Motive Security Labs, the company's malware analysis lab. The Motive Security Labs H1 2015 Malware Report found that after a 0.5 percent decline in infections hitting Android-based devices in the first quarter a surge in attacks led to a 0.75 percent rise in the second quarter, resulting from increased adware infections running on Windows-based PCs connected to mobile networks.

Windows PCs connected on mobile networks, particularly via dongles, mobile Wi-Fi devices or tethered to smartphones, are the most vulnerable. "They are responsible for a large percentage of the malware infections observed," according to the report. "This is because these devices are still the favorite of hardcore professional cybercriminals who have a huge investment in the Windows malware ecosystem. As the mobile network becomes the access network of choice for many Windows/ PCs, the malware moves with them."

Two years ago malware hitting mobile devices was evenly (50-50) split among Windows PCs and Android devices, according to Alcatel-Lucent. The fact that 80 percent now strike Windows machines and only 20 percent on Android devices (the amount on iOS and BlackBerry is negligible) is likely the result of Google's efforts to eliminate malware from Google Play and the company's new Verify Apps feature introduced to Android and available on nearly 80 percent of devices running Android 4.2 (Jelly Bean) or higher. Yet despite accounting for a smaller proportion of devices attacked, the number of Android malware samples doubled in the first half of this year, according to the report.

Despite the release of Verify Apps, most malware distributed to Android devices are delivered as Trojans, by which Android remains the easiest target because it is open, available on third party app stores and Web sites and they're self-signed, meaning it's difficult to trace malware to its developer, the report added. The study also noted that attackers can easily hijack Android apps, inject code and resign them.

As for the proportional shift to Windows, the period covered precedes the release of Windows 10. With this upgrade, Microsoft has made Windows a much more difficult target. These findings could embolden the case for people to upgrade to Windows 10, which adds a number of key new security features including multifactor authentication and biometric identity management.

It'll be interesting to see what the stats look like next year. Who knows where iOS will be in the mix.

Posted by Jeffrey Schwartz on 09/21/2015 at 3:38 PM

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.