Ransomware was the most common form of malware found on mobile devices over the past 12 months, but as a threat vector porn sites surged in popularity to take top spot, according to Blue Coat Systems.
The cybersecurity firm’s 2015 State of Mobile Malware report claimed that when it comes to ransomware, “much of the damage is often self-inflicted.”
It goes on:
“Users seek out and install pirated, or otherwise shady, mobile apps, which are generally only available from unsavory websites or unsanctioned app stores. By the time they realize they’ve been hit with ransomware, the damage is already done.”
Those that get infected via porn sites are even less likely to come clean, preferring instead to keep their browsing habits a secret and pay the ransom, Blue Coat argued.
In fact, the firm noted that porn sites now account for 36% of infections, more than double the 16.5% of a year ago. The former number one infection vector of malicious web ads dropped from 20% to a mere 5% this year.
Felix Leder, director of advanced malware defense at Blue Coat, argued that most users who came across a malicious app last year “more than likely started their journey on a porn site.”
He added that one possible reason for cybercriminals turning away from malvertising is that users are more likely to report suspicious activity on regular sites, where malicious web ads typically thrive, than, say pornographic sites.
“While it’s hard to directly attribute it, I would also imagine that the increasing rise of ad blocker tech—and Apple’s introduction of content/ad blocking in iOS 9—has somewhat limited the effectiveness of ads as a way to spread malware,” he told Infosecurity.
Blue Coat warned users that with the growing trend of BYOD in the workplace, personal mobile usage has become an enterprise security issue.
IT managers must therefore invest in tech products that give them greater visibility into mobile usage in the workplace, and to enable guest Wi-Fi “with intelligent policies around data access.”
Users should also receive security awareness and training to reduce the chances of their downloading apps from unofficial sources; jailbreaking or rooting their devices; surfing for porn; connecting to public Wi-Fi, and more.