
Lookout’s report exposes drivers for encountering malware, new malware distribution methods, profit-making schemes and privacy threats
San Francisco, CA — September 6, 2012 — Lookout Inc., the leading mobile security company, today shared its State of Mobile Security Report 2012. In the report, Lookout explains the issues that individuals faced on mobile devices this year and explores the prominent trends in mobile threats. The report takes a holistic view of the mobile threat landscape, providing important context on an individuals’ likelihood of encountering threats and analyzing the factors that have advanced the malware industry in 2012. The findings are based on information from Lookout’s Mobile Threat Network, which includes threat data collected from more than one million apps and millions of devices worldwide.
The key findings from the State of Mobile Security 2012 report are:
Because of its global ubiquity as a phone payment mechanism, premium text billing is the most common tactic used by malware writers to commit financial fraud on mobile. This class of malware, termed “Toll Fraud,” has become the most prevalent type of malware within the past year. Just one family of Toll Fraud malware, FakeInst, accounted for 82 percent of Lookout user detections in June 2012 and is estimated to have successfully stolen millions of dollars from people in Russia, the Middle Eastand parts of Europe.
Privacy is one of the biggest issues people face on mobile devices. In 2012, a significant portion of privacy problems arose from aggressive advertising techniques, including pushing out-of-app ads and accessing personally identifiable information without user notification. Lookout estimates that five percent of Android applications include these aggressive ad networks and these apps have been downloaded more than 80 million times.
People in Russia, Ukraine and China have a significantly higher likelihood of encountering malware than elsewhere. User behavior is the other leading factor; people who download apps outside of a trusted source, like Google Play, have a higher chance of encountering malware.
Web-based threats like phishing are often able to target both traditional PC users and mobile users equally, making these schemes easy for malware writers to produce and replicate. Lookout’s detected that four out of ten mobile users click on an unsafe link over the course of a year.
Lookout observed malware designed to enable shady app promoters to conduct download fraud. These malware families primarily affected users in China. In the past year, Lookout discovered malware capable of automatically downloading apps from alternative app market sources without the user's knowledge, rooting the phone to download additional apps without warning, or installing third-party app stores.
“Trust is one of the most important factors influencing whether people will continue to use mobile devices to their full potential,” said Kevin Mahaffey, CTO and co-founder of Lookout. “As smartphones and tablets have come to house our personal data, access financial information, and power practically all of our communications, there are more incentives for attackers to strike. Our mission is to identify and solve emerging threats so people around the world can continue to trust their mobile devices”
Read or download the complete State of Mobile Security 2012 report on the Lookout website.
How to stay safe on mobile
Lookout is an integrated endpoint-to-cloud security company. Our mission is to secure and empower our digital future in a privacy-focused world where mobility and cloud are essential to all we do for work and play. We enable consumers and employees to protect their data, and to securely stay connected without violating their privacy and trust. Lookout is trusted by millions of consumers, the largest enterprises and government agencies, and partners such as AT&T, Verizon, VMware, Vodafone, Microsoft, Google, and Apple. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto and Washington, D.C. To learn more, visit www.lookout.com and follow Lookout on its blog, LinkedIn, and Twitter.
Contact Lookout PR: press@lookout.com