The Schwartz Report


80 Percent of Mobile Malware Now Strikes Windows PCs

Windows PCs are now the source of 80 percent of all mobile malware, according to a report released last week. That may offer little consolation if you're an iPhone or iPad user who has just learned about a malware program called XcodeGhost, a corrupted version of Apple's Xcode language that was embedded in a slew of apps, most notably the popular WeChat, representing the first time an exploit has gotten into the Apple Store.

The rise in spyware and continued attacks on Windows PCs, as well as a continued rise in vulnerabilities in Android, are the latest findings from Alcatel-Lucent's Motive Security Labs, the company's malware analysis lab. The Motive Security Labs H1 2015 Malware Report found that after a 0.5 percent decline in infections hitting Android-based devices in the first quarter, a surge in attacks led to a 0.75 percent rise in the second quarter, resulting from increased adware infections running on Windows-based PCs connected to mobile networks.

Windows PCs connected to mobile networks, particularly via dongles, mobile Wi-Fi devices or tethering to smartphones, are the most vulnerable. "They are responsible for a large percentage of the malware infections observed," according to the report. "This is because these devices are still the favorite of hardcore professional cybercriminals who have a huge investment in the Windows malware ecosystem. As the mobile network becomes the access network of choice for many Windows/PCs, the malware moves with them."

Two years ago, malware hitting mobile devices was evenly (50-50) split between Windows PCs and Android devices, according to Alcatel-Lucent. The fact that 80 percent now strikes Windows machines and only 20 percent strikes Android devices (the amount on iOS and BlackBerry is negligible) is likely the result of Google's efforts to eliminate malware from Google Play and the company's new Verify Apps feature introduced to Android and available on nearly 80 percent of devices running Android 4.2 (Jelly Bean) or higher. Yet despite accounting for a smaller proportion of devices attacked, the number of Android malware samples doubled in the first half of this year, according to the report.

Despite the release of Verify Apps, most malware distributed to Android devices is delivered as Trojans. Android remains the easiest target because the platform is open, its apps are available on third-party app stores and Web sites, and those apps are self-signed, meaning it's difficult to trace malware to its developer, the report added. The study also noted that attackers can easily hijack Android apps, inject code and re-sign them.

As for the proportional shift to Windows, the period covered precedes the release of Windows 10. With this upgrade, Microsoft has made Windows a much more difficult target. These findings could bolster the case for people to upgrade to Windows 10, which adds a number of key new security features including multifactor authentication and biometric identity management.

It'll be interesting to see what the stats look like next year. Who knows where iOS will be in the mix.

Posted by Jeffrey Schwartz on 09/21/2015 at 3:38 PM

