Mobile threats – myth or reality?

As regular readers of viruslist will have noticed, we’ve been tracking the evolution of mobile malware with interest. This, naturally, includes collecting statistical data on the prevalence of individual threats. Of course, malicious code for mobile devices is relatively new, and there’s been a lot of discussion about whether or not it poses a real threat.

Data we’ve collected shows some interesting trends. For instance, the number of infected MMS messages is already close to the amount of malicious code found in mail traffic: 0.5% – 1.5% of MMS traffic is made up of infected messages.

Of course, it’s difficult to monitor mail traffic for malicious code across the whole web. In contrast, scanning mobile traffic for malicious content can make a real difference.

Six months ago, BeeLine, the biggest Russian mobile network operator, implemented protection for MMS messages. Since then, the number of infected messages has fallen from 1.46% of MMS traffic to a record low of 0.46% at the end of October.

It’s also been interesting to track the ups and downs in the number of infected MMSs – for instance, at the end of the summer holidays, there was a sharp, though shortlived, rise in the number of infected messages to 1.72%, following by an equally sharp drop.

The vast majority of infected messages are due to Worm.SymbOS.Comwar.a and Worm.SymbOS.Comwar.c, although of course there are quite a lot of other programs circulating as well.

It’s clear from these statistics that mobile malware is a real threat. It’s equally clear that it’s a threat that can be tackled successfully.