It’s been about a decade since we began seeing threats to mobile devices, and a lot has changed in the intervening years. The brief history of mobile threats goes back to 2004 when the first mobile virus appeared, called Cabir, attacking Symbian phones.
In case you thought Apple iOS devices were immune, jailbroken iPhones are ripe targets for viruses and worms like the ones that showed up in 2009 called Ikee and Duh.
Since about 2010, Android malware has dominated the mobile threat scene, which makes a lot of sense when you consider that Android represents more than 80% of the global smartphone market. So far, SophosLabs has seen 1.5 million samples of Android malware – a much smaller number than Windows threats, but the growth rate is accelerating rapidly.
Even though the risk of Android malware is relatively low in Western countries, bad apps have made it into Google Play many times since 2011, when the DroidDream attack saw more than 50 apps containing a root exploit published on Google’s Android market.
Widespread Android vulnerabilities like MasterKey (discovered in 2013) haven’t really been exploited yet, says Sophos security advisor Chester Wisniewski. However, millions of Android users are at risk if criminals decide to weaponize these exploits.
Currently, most Android malware relies on cybercriminals tricking users into downloading malicious apps themselves, so make sure you (or your users) have an Android antivirus, stick to Google Play as much as possible, and avoid rooting devices.
It’s not just Androids you need to look after, as Chet explained in his presentation at the recent RSA Conference comparing the security of the major smartphone platforms. He says Android and iOS are about even in terms of their default security settings – neither one is perfect. Windows Phones have some risky default settings, including automatically connecting to Wi-Fi.
As mobile threats continue to mature, the amount of data mobile devices are collecting – and a lack of control over who has access to that data – are the biggest threats to the privacy and security of everyday users.
Infographic: Timeline of Mobile Threats
We created this timeline of mobile threats going back to 2004. It’s by no means comprehensive, but it gives you a good idea of how threats have evolved in a short period of time.
To download a PDF of the infographic, click on the image below. You can learn more about the latest mobile threats at our award-winning Naked Security blog.
Mobile security from Sophos
Protecting your business from mobile threats is easy with our Sophos Mobile Control (SMC). By securing devices, content, and applications with a user-centric approach, SMC simplifies compliance with corporate security policy across iOS 8, Windows Phone and Android platforms. SMC also manages Sophos Mobile Security to deliver anti-malware for Android devices.
Check out the new SMC
Watch this video to get a closer look at SMC, or visit sophos.com/mobile for more information.