24 March 2014
Mobile malware — an ever-increasing problem that began to grow at particularly alarming rates in 2012 — hit new highs in the fourth quarter of 2013. McAfee Labs researchers collected 2.47 million new mobile malware samples in all of 2013, and 744,000 samples in just the fourth quarter alone. The McAfee mobile malware “zoo” now has a grand total of 3.73 million samples — up a shocking 197% from just the end of 2012.
How do mobile devices acquire malware? Typically, attackers send malware to mobile devices just as they would most other endpoint devices — through malicious websites, spam, malicious SMS messages, malware-laden ads, and downloaded apps. Most apps collect both user data and mobile device telemetry, and examining the relationship between overcollecting personal data and device telemetry and malware is important to understanding how to defend against mobile malware.
Mobile apps and data collection
Mobile apps collect more information than you may expect. Some 82% of apps track your current and last location, when you’re using Wi-Fi and data, or when you turn on your smartphone or tablet. An astounding 57% of apps even track when a phone is being used. While most of the time this tracking is harmless, your device may be at risk when one app starts overcollecting information compared to similar apps in the same category.
To determine the risk level of any particular mobile app, McAfee Labs has implemented a privacy “sharing” score that compares an app’s behavior to that of other apps in the same category. If an app collects significantly more information than others similar to it, McAfee Labs labels it with a higher score. The lower the score within a category means the app collects less information than others, thus is relatively safer. Apps that tend to overcollect mobile device telemetry are much more likely to deploy malware onto your device. Any device that appears to gather an uncharacteristically large amount of information should raise alerts about data loss and potential data theft. When McAfee Labs researchers examined the 10 apps in their sample database with the highest privacy-sharing scores, they discovered that six of them had malware.
While sharing tracking information with mobile apps may not seem harmful, attackers can take advantage of your personal information to collect your data and build a profile of your mobile behavior. Attackers can also hijack your own mobile device, turning it into a bot and installing even more harmful malware on your system. It has become increasingly important to monitor what information and the amount of data you share on apps to keep you and your device protected.