McAfee Labs collected 2.47 million new mobile malware samples in 2013, with 744,000 in the last quarter alone. The mobile malware “zoo” totaled 3.73 million samples at the end of the year.
According to McAfee Labs Threats Report, Fourth Quarter 2013, malware can arrive on a mobile device through just about every attack vector, such as downloaded apps, malicious website, spam, malicious SMS messages, and malware-bearing advertisements.
The report notes that 82 percent of mobile apps track when users use Wi-Fi and data networks, when you turn on your device, or your last and current location; 80 percent collect location information; and 57 percent track when the phone is used. While most tracking is benign, there appears to be a relationship between apps that overcollect mobile device telemetry and apps that contain or enable malware. The more an app collects compared to its category peers, the more users and enterprises should be concerned about data loss and possible theft.
For example, the report notes, while sharing tracking information with a mobile app may seem benign, “it raises profound business security implications in the ‘bring your own device’ world. A clever piece of malware installed on the CEO’s phone directly or indirectly by a less-than-reputable mobile app and doing nothing more than tracking location information could actually tip off competitors, suppliers, financial analysts, blackmailers, or even those who wish to do someone physical harm.”