As the adoption of mobile devices continues to grow rapidly and businesses increasingly provide on-the-go access to corporate assets, the mobile malware landscape is evolving to take advantage of mainstream user behavior. In a sign of the times, web ads directing users to malicious sites have eclipsed pornography as the leading source of mobile malware encounters.
According to a new report from Blue Coat Systems, web ads are responsible for 20% of mobile user run-ins with malware. That is almost triple the rate in November 2012, when web ads accounted for only 5.7% of mobile malware.
Conversely, porn as a watering-hole bonanza for cybercriminals is waning. It accounted for 22% of attacks in 2012, but that percentage has dropped significantly since then. “Last year, when Blue Coat Security Labs looked at the mobile malware landscape, pornography was the leading threat vector for mobile users,” the report noted. “This year, it has dropped nearly six points and is the third leading threat vector, responsible for driving users to malware 16% of the time.”
Partly contributing to the decline is the fact that users simply don’t access pornography that frequently anymore. “Smaller screens and more difficult text entry methods have changed how we access and view online content,” the report added. “So it’s not surprising that it also changes how we are exposed to malicious content.”
However, pornography remains the most dangerous category of content for mobile users.
“With web ads, the rise as a threat vector correlated with a rise in web ad requests,” Blue Coat said in the report. “The story is different for pornography. Requests for pornography on mobile devices don’t even reach 1% of all requested content, yet it accounts for more than 16% of all attacks.”
The firm noted an increasing divergence of mobile and PC threat vectors when it comes to web surfing.
“Interestingly, when malware first moved to the Internet, pornography was one of the leading sources of malware for desktop users,” the report said. “The prevalence of pornography as the leading threat vector for desktop users has ebbed, giving way to attacks that target much larger user populations, such as search engine poisoning or social networking sites. It is reasonable to expect that the same will be true for the mobile environment, especially considering that in both environments pornography is not a frequently requested category of content.”
However, it turns out that mobile users present a much different picture from the desktop. Search engines barely crack the top 10 – sending unsuspecting users to malware only 3.13% of the time.
Instead, mobile devices open the door to many new opportunities, such as targeted coupons delivered while consumers are in the store and click-and-mortar experiences that unify online and in-store presence. “All of these will continue to drive shopping as a category and potentially make it a target for cybercriminals that are looking for popular watering holes to target unsuspecting consumers,” the report noted.
This is where web ads gain their ascendency. As targeting improves, so does the frequency of advertising exposure as sites everywhere continue to refine their mobile monetization strategies.
“While mobile users are not yet subject to the same drive-by downloads that PC users face, mobile ads are increasingly being used as part of many social engineering attacks,” the report explained. “The increased frequency of mobile ads conditions users to see them as normal, which makes users more vulnerable to the attacks that are launched through ads.”
The rise of malvertising – web ads delivered through legitimate ad networks that direct users to malicious sites or contain malicious code – as a leading attack vector mimics the rise of web ad traffic on mobile devices, as demonstrated by Yahoo!’s recent high-profile issue with it. Malvertising relies on a largely unregulated network of ad servers that can easily be tricked into serving malicious ads unknowingly.