Nokia has released its Threat Intelligence Report for 2017 and, perhaps unsurprisingly, the findings reveal an uptick in mobile malware as compared to other hardware platforms. Unfortunately, it also reveals that Android is once again the leading target for malicious software – bearing the brunt of the attacks with 68-percent of malware instances occurring on the platform. Nokia attributes that primarily to the fact that apps are able to be side-loaded onto an Android device, despite the efforts of Google to secure the Google Play Store via Google Play Protect. The majority of attacks were delivered in the form of applications that contained hidden malicious software.That's a problem that's only exasperated by the fact that in some regions, as many as 96-percent of applications are downloaded from third-party sources and app stores. In China, the Play Store only accounts for under 4-percent of downloads, for example. Meanwhile, Windows devices accounted for 27.96-percent of malicious attacks and software, while the remaining platforms only made up 3.54-percent.
Also for 2017, the average monthly infection rate in mobile networks fell in at 0.68-percent while smartphone infections made up the vast majority of those at around 72-percent. Android was well above that average, at around 0.94-percent and around half of the threats detected by Nokia were in the form of high-level bots and ransomware. The top 20 mobile malware instances were also directed at Android and consisted mostly of Trojan software and backdoor attacks, in addition to a smattering of adware, spyware, and ransomware. The problem extended beyond side-loaded applications, as well. Computer systems connected to mobile networks in either a wired or wireless configuration made up 28-percent of the total infections, while attacks on iOS arrived mostly in the form of compromised Spyphone applications. Aside from third-party software installations causing problems, some vulnerability issues were also found in mobile systems themselves, such as the Blueborne exploit discovered earlier this year.
As worrying as those figures could be, it is worth pointing out that Android has the larger portion of the market share on a global scale than its competing platforms. So, as with the PC market share decline as compared to the mobile market share gains, it also has a larger attack surface and is undoubtedly more appealing to those who are perpetrating attacks and developing malware. In the meantime, the monthly rate of infections on mobile devices has maintained relative stability since 2013, with the exception of a couple of spikes in both 2016 and 2017. Google and Android manufacturers have continued to combat the problems where ever possible and it appears to be a testament to those efforts that malware has not risen substantially. Since most of the attacks are derived from third-party applications sourced outside of the official Android ecosystem, it shouldn't be too difficult to avoid malware with a moderate amount of diligence.