Mobile Malware Threat Has Increased Six-Fold in Past Year: Study

The latest reason for banks to provide security for their mobile banking users: mobile malware attacks have increased more than six-fold in the past year, according to a recent survey from Juniper Networks.

The network security company analyzed data from the 12 months that ended this March and found the total number of malicious apps has grown to 276,000. Three quarters of that software is some type of SMS Trojan, says Troy Vennon, director of Juniper Networks' mobile threat center.

This type of malware is typically embedded in a benign-looking smartphone app (think of an alarm clock app) and sends a text message in the background to a premium service (such as a ring tone) that then charges that person a fee.

"Malware development is picking up, it's not slowing down," says Vennon. "A business case has emerged for malware developers -- for a majority of them. They found a way to monetize [their wares] via SMS."

These Trojans are usually hidden in third-party app stores that aren't controlled by Google or another mobile platform operator. But the code can sometimes be embedded in popular apps on the Google Play Store as well, says Vennon.

A majority of this software is being created in Russia or China, he adds, and is primarily written around the holiday season from October to January.

For banks, the study serves as a reminder that customers are vulnerable to the whims of malware designers that are nefariously working to scam victims.

Banks can of course build rules into their risk analytics software that might catch increases in cell charges. But in the end, the dispute lies with the cell phone carrier.

For reprint and licensing requests for this article, click here.
Bank technology
MORE FROM AMERICAN BANKER