Mobile security company Lookout released its annual Mobile Threat Report on Thursday, which demonstrated a major uptick in Android malware encounters.
Mobile security company Lookout released its annual Mobile Threat Report on Thursday, which demonstrated a major uptick in Android malware encounters.

Although many U.S.-based security professionals and mobile device users might have once believed their devices were safe from malware, new research suggests that in 2014, Android mobile malware proliferated with encounter rates increasing by 75 percent over 2013.

Mobile security company Lookout released its annual Mobile Threat Report on Thursday, which detailed threats both enterprises and individual mobile users came across this past year. Approximately 6.4 million Android devices were exposed to mobile malware in the U.S. this year, or seven percent of devices.

Most threatening to enterprises was the “NotCompatible” trojan, which could allow attackers to compromise secure corporate networks.

The trojan has been around since May 2012, Jeremy Linden, senior security product manager, Lookout, explained in a Wednesday interview with SCMagazine.com. But only in 2014 did it really start gaining traction as a major threat.

“They (the trojan's creators) really rebuilt this whole software under the hood in late 2013 into late 2014,” he said. “They started incorporating features like peer-to-peer communication. We also saw a large increase in the detections of NotCompatible and saw it pushed out on a campaign-based basis.”

Beyond NotCompatible, the report found TowelRoot and TowelExploit, root exploit malware, and BasicSystemSpy, a surveillance malware, to be the most pressing concern to U.S. enterprises.

Often, Linden said, mobile devices are perceived to be more secure than personal computers, which he admitted is mostly true. However, he explained, mobile devices are ripe with information, making them a lucrative target.

“The risk impact can be different,” Linden said. “And while mobile devices are harder to compromise, they also contain inherently sensitive data, like location data and contacts, that not even PCs carry around in them.”

The study found, for instance, that U.S. mobile devices' contacts were most commonly exfiltrated to servers in the U.S., followed by the U.K. and China. GPS data was most commonly exfiltrated to U.S. servers, and then to those based in China and Luxembourg.

Ultimately, Linden said, this data reinforces the idea that mobile devices will most likely be used both for personal and work uses, and even a narrow use policy could fail to thwart attacks. Security professionals should emphasize good security behavior and training to keep enterprise devices infection-free, he said.

The study also suggested segmenting networks and implementing mobile threat protection.