McAfee claims to have detected 16 million mobile malware infections in the third quarter of 2017, as it predicts a year of threats ahead.
The security vendor’s Mobile Threat Report for Q1 2018 was launched at Mobile World Congress today.
It noted that it has now been a decade since the Apple App Store and Google Play were launched, with the latter under attack from day one.
Although the ecosystem providers have done much to improve security over the years, especially Android, more needs to be done, according to McAfee.
The Garbos malware campaign infected an estimated 17.5 million devices via 144 apps on Google Play before it was disrupted, it claimed.
The 16 million figure for Q3 was double that of the same period a year previously, according to McAfee.
The economics of cybercrime would seem to spell trouble for the years ahead.
“By our estimation, in 2010 the highest-paid malware campaign could potentially earn revenue between $100,000–$300,000,” the report noted.
“In the current threat landscape, a full-fledged campaign exploiting ad click fraud or pay-per-download scam (a market valued around $40bn in 2018) or a prevalent banking trojan could potentially bring in revenue of $1–$2m. If mobile malware continues on its current trajectory, it could create revenues for malware authors touching in the billion-dollar range by 2020.”
The report also warned of a rise in mobile banking trojans, fake mobile wallets and network spoofing attacks. The latter could be made easier by exposure to the infamous KRACK WPA2 vulnerability.
Some 41% of Android devices were initially thought to be exposed, even if they connected to a secure network, McAfee said.