Windows devices account for 80% of malware infections transmitted via mobile networks

17.09.2015
Microsoft may have just a single-digit slice of the mobile market, but there's one segment of mobile that it's winning: Malware infections delivered via mobile networks.

According to a Wednesday report from Alcatel-Lucent's Motive Security Lab, in June Windows devices accounted for 80% of the infections spotted on hardware that relied on mobile networks for Internet connectivity. Meanwhile, Android's share of the total infection count dropped to about 20% after long hovering at the 50% mark.

iOS and other operating systems were at nearly negligible percentages.

The data was generated from scans by Alcatel-Lucent's Motive Security Guardian technology, which is deployed worldwide by both mobile and fixed-line networks, and monitors traffic from more than 100 million devices.

That Windows malware infections represented such a huge portion of the total when Microsoft's operating system has been a very minor player in mobile is certainly counter-intuitive. If Windows-powered smartphones make up just 2.6% of all those shipped in 2015 -- IDC's latest forecast -- how can Windows comprise 80% of the malware infections

Simple.

"Most people are surprised to find such a high proportion of Windows/PC devices involved," Alcatel-Lucent said in its report. "These Windows/PCs are connected to the mobile network via dongles and mobile Wi-Fi devices or simply tethered through smartphones. They are responsible for a large percentage of the malware infections observed."

While those devices are powered by Windows and on a mobile network, they're not necessarily smartphones or cellular-equipped tablets. In fact, the vast majority are not: They're traditional PCs, mainly laptops, that use a mobile network rather than a fixed network composed of copper or fiber optic lines. (Of the latter, a Wi-Fi network connected to a fixed network would still be classified as a fixed network by Alcatel-Lucent, even though there are no wires linking the laptop to the Internet.)

"As the mobile network becomes the access network of choice for many Windows PCs, the malware moves with them," the report stated.

Long the favorite target of cyber criminals because of its dominance on devices, overwhelmingly so compared to, say, Apple's OS X -- and due to its open ecosystem that differs dramatically from the "walled garden" of iOS -- Windows doesn't escape infection simply because devices have shifted from fixed to mobile networks.

Malware doesn't care how it's delivered, just that it is.

Windows device infection rate -- what percentage of the total are detected with malware -- was also up significantly in the first half of 2015 on mobile networks. By June, it was approximately 0.6%, representing 6 infections per 1,000 devices. That was more than three times that of Android, the other OS that historically has had a high infection rate.

Alcatel-Lucent credited the decline of Android infection rates to moves Google has made, including efforts to eliminate malware-ridden apps from the Google Play e-mart, as well as Android's Verify Apps feature. The latter was introduced in 2012 with Android 4.2, aka Jelly Bean, and has been beefed up since then. Verify Apps scans apps a user wants to download, compares them against a Google database, and when a known malicious app is detected, blocks the download.

Google's intent has been to both clean up Google Play and stymie dangerous downloads from outside sources, like third-party app markets. The decline of Android infection rates and its share of all infections were signs that the strategy has worked, said Alcatel-Lucent.

Microsoft has had a similar protection in place since 2011, when it added an application reputation feature to its Internet Explorer-based SmartScreen technology.

Most of the infections Alcatel-Lucent detected on Windows devices was adware bundled with games and free software.

"The increase in Windows/PC infections can be attributed to the fact that more people are using their phone's data connection to provide Internet access for their devices," Alcatel-Lucent concluded.

(www.computerworld.com)

Gregg Keizer

Zur Startseite