Ads pass explicit content as top mobile threat vector

Malicious advertising has outpaced pornography as the main threat vector for malware on mobile devices, according to a new report from Blue Coat Systems.

The report states that one in every five times a mobile user is directed to malware, it is through mobile ads delivered through legitimate ad networks. This is up threefold from a year earlier.

But pornography remains the most potent attack vector - while porn currently only makes up 1% of requested content over mobile devices, it accounts for more than 16% of malware attacks. By comparison, web ads make up 12% of requested content served.

People remain the weakest link in mobile security, with today’s mobile threats adopting social engineering tactics to circumvent security controls built into devices.

According to the report, while mobile computing is overtaking traditional PC computing, the mobile malware threat is not yet as developed as on desktops. This is due to the lack of an underground mass market for exploit kits for mobile devices.

But mobile threats that are gaining in popularity include premium SMS scams - where users are tricked into downloading an application that charges the user’s mobile account a fee - or rogue apps with risky behaviours including demanding access to contact or location information.

Cybercriminals are also adapting the fake antivirus scams that have been so popular on desktops to the mobile platform.

Mobile threat vectors are likely to change as user behaviour shifts, the report adds. For example, shopping is now the fifth most popular activity on mobile devices, making it a prime target for cybercriminals.

Image courtesy of Intel Free Press under CC