Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
danielvhoffman

Juniper Mobile Security Report 2011 – Unprecedented Mobile Threat Growth

by Juniper Employee on ‎02-14-2012 02:08 PM

Juniper_MobileThreatCenter_Infographic4.jpgToday, the Juniper Networks Mobile Threat Center (MTC) released its 2011 Mobile Threats Report, which shows evidence of a new level of maturity in security threats targeting mobile devices.  This past year saw a significant increase the amount of mobile malware, its sophistication, as well as new nimble social-engineering based attacks. As mobile users download more applications than ever before, they are turning out to be the “killer app” for hackers.

 

The Juniper MTC examined more than 790,000 applications and other vulnerabilities across every major mobile device operating system to inform the report. The MTC’s malware sample library contains over 28,000 samples, which is significant when compared with recent reports from other highly recognized mobile security vendors that disclosed the total amount of samples in their malware library as 400, 1400, and 2500 respectively.  

 

In 2011, we saw unprecedented growth of mobile malware attacks with a 155 percent increase across all platforms. Most noteworthy was the dramatic growth in Android Malware from roughly 400 samples in June to over 13,000 samples by the end of 2011.  This amounts to a cumulative increase of 3,325 percent.  Notable in these findings is a significant number of malware samples obtained from third-party applications stores, which do not enjoy the benefit or protection from Google’s newly announced Android Market scanning techniques.

 

We also observed a new level of sophistication of many attacks. Malware writers used new and novel ways to exploit vulnerabilities.  2011 saw malware like Droid KungFu, which used encrypted payloads to avoid detection and Droid Dream, which cleverly disguised itself as a legitimate application, are a sign of things to come.

 

Along with more sophistication, Juniper found significant catches of malware that did not exploit technical vulnerabilities but instead relied on social engineering for a quick profit. A new attack method dubbed “Fake Installers” was the fastest growing type of malware found by the MTC. Fake Installers trick victims into unknowingly paying for popular applications that are normally free but have been pirated by the attackers. Victims are tricked into agreeing to terms of service of pirated applications that then send profits via premium SMS messages to the scammers. While these attacks don’t lead to complete financial ruin, they have the promise of making attackers a tidy profit a few dollars a time.

 

We also found that loss and theft of mobile devices continues to be a problem, with the report detailing a marked shift in the behavior of users regarding their lost or stolen devices.  Rather than simply wiping and replacing,  Juniper’s statistics detail how more users are locking their device and using the location tracking feature of their Juniper security software to recover, rather than replace, their device.

 

Looking ahead, 2012 also promises to be a remarkable year for mobile device security, with the projected rapid increase in malware already being seen.  Other notable trends include the targeting of online banking and financial transactions, browser-based exploits including drive-by downloads and the targeting of third-party applications installed on the device.

 

Included in this post is an infographic on the report. You can also find copy of the full report here.

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About Security & Mobility Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kyle Adams
Senior Software Engineer

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Erin K. Banks
Senior Technical Marketing Manager

Profile | Subscribe

Ajay Bharadwaj
Product Manager

Profile | Subscribe

Michael Callahan
Vice President
Product Marketing

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Mora Gozani
Senior Manager
Product Marketing

Profile | Subscribe

Ashur Kanoon
Sr. Manager
Technical Marketing

Profile | Subscribe

Seema Kathuria
Manager
Product Marketing

Profile | Subscribe

Kevin Kennedy
Senior Director
Product Management

Profile | Subscribe

Dave Killion
Software Engineer

Profile | Subscribe

Rebecca Lawson
Senior Director
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Erin O'Malley
Manager
Product Marketing

Profile | Subscribe

Galina Pildush
Strategy & Planning
Architect

Profile | Subscribe

Edward Roberts
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Troy Vennon
Software Engineer

Profile | Subscribe

Brad Woodberg
Product Manager

Profile | Subscribe

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.