Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Vulnerability Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Porn websites are the top mobile infection vector, 2015 report shows

When it comes to compromising mobile devices in 2015, pornography is once again the number one infection vector.

According to the Blue Coat Systems 2015 Mobile Malware report, pornography websites as an infection vector jumped from about 16 percent in the 2014 report to more than 36 percent in this year's report. The figure is sizable – when porn topped the list in the 2013 report, it held a 22.16 percent market share.

“These include both malvertising attacks and sites which host Trojan horse apps designed to appeal to porn site visitors,” the report said, later adding, “That is, when we see a mobile user's traffic heading to a malicious site, 36 [percent] of the time that user is following a link from a porn site.”

At 19.69 percent, WebAds and Analytics topped the threat vectors list in 2014, but it dropped to number three on the 2015 list with only 4.83 percent. Meanwhile, the “Suspicious” category finished second place in both the 2015 list (21.08 percent) and 2014 list (16.68 percent).

“Note, however, that the “Suspicious” category also includes WebAd networks that are known to be heavily involved in malware, scams, [potentially unwanted software], and other shady activities – so collectively, WebAds may not have fallen quite as far as it appears,” the report said.

Another mobile issue involves providers not pushing “over-the-air” updates quick enough, particularly for devices running the popular Android operating system. As a result, vulnerable users are open to being compromised via any number of unpatched exploits.

Blue Coat took a look at the August numbers for Android users visiting sites known to host malicious content, and found that 23 percent of them were running version 4.4.2, 15 percent were running version 4.2.2, 12 percent were running version 4.4.4, and 10 percent were running 4.1.2.

Researchers said some instances of navigating to malicious websites could be users accessing marketplaces other than Google Play.

“In others, it appears that the phone or tablet ended up on a known-dangerous site simply by browsing the web,” the report said. “Many of these links between legitimate websites and the sites known to host malware are made by advertising networks, who unwittingly play matchmaker to a whole host of threats.”

In a Wednesday email correspondence, Hugh Thompson, CTO and senior vice president of Blue Coat, told SCMagazine.com that while the volume of mobile malware did not rise sharply in 2015, the types of attacks have become increasingly severe.

“From the increasing instances of ransomware – essentially cyber blackmail – to the stealthy insertion of spyware on devices that allow cyber criminals to profile behavior and manipulate sales, these are just some of the examples that seem to be the favored exploits of today's mobile platform,” Thompson said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.