Want Mobile Malware? Don’t Look to iPhone

| Columns and Opinions

The U.S. Department of Homeland Security says there's a big malware threat in the mobile device space, and it isn't Apple's iOS. It's Google's Android, and it's so much of a problem that Homeland Security is warning law enforcement, fire departments, emergency medical personell to avoid the platform.

iOS isn't perfect, but the vast majority of malware threats are targeting AndroidiOS isn't perfect, but the vast majority of malware threats are targeting Android

According to a study (PDF) conducted by Homeland Security, 79 percent of the mobile device malware attacks in 2012 were for the Android platform. In contrast, 0.7 percent were for iOS, and for once Microsoft can say it has even fewer malware threats with Windows Mobile accounting for 0.3 percent.

Part of that massive gap between Android and iOS comes from the fact that Google's mobile operating system holds an overall larger share of the market. Apple's iPhone is stunningly popular, and iPad is the main player in the tablet space, but so many companies make Android-based devices that the OS accounts for a larger part of the market.

Android's place as the mobile malware king isn't based on numbers alone. Apple's closed garden where every app that's available for the iPhone, iPad, and iPod touch must be vetted before it's released to the public -- and only through the company's own App Store -- has helped keep the malware threat down. Android apps, however, can be released without any screening and through a number of download services. Without a gatekeeper it's easier to slip potentially dangerous apps through and onto unsuspecting users.

Another issue Android users have to deal with is that most are at the mercy of their cell service provider for OS updates. When a security patch comes out there isn't any guarantee it'll get pushed out to users in a timely fashion, or even at all. With Apple controlling the distribution of iOS, as well as the update process, it's easier for the company to squash potential security flaws since it doesn't have to rely on other companies to push those updates out.

In some cases, Android users are stuck with outdated versions of the operating system because their service provider isn't providing an up to date version for their device, and never will. That doesn't stop people from hacking their device so they can get the latest Android updates directly from Google, but that accounts for a minority of Android users.

The big take away from the report isn't that there are more malware threats for Android; It's that Homeland Security sees it as a big enough issue to warn public safety agencies away from the OS. That, and it also makes for a handy shopping list of ways government agencies can inject their own malware into people's devices for covert monitoring.

The only way to be certain your personal information and other data won't be snatched up without your knowledge or consent is to not use a mobile device regardless of the operating system it runs, and to make sure anyone you know or communicate with doesn't use mobile devices, either. Since that's just not possible unless you live in a commune where no one uses mobile devices, and you don't interact with the outside world, at some point some of your data is going to get intercepted. That's just the world we live in now.

The numbers look great for Apple, but the company isn't completely in the clear. Homeland Security's report shows that at least a handful of iOS devices were hit with malware of some sort, and Apple hasn't always released security fixes for known flaws quickly. There's room for improvement on Apple's part, but less than one percent versus almost 80 percent for the tracked malware threats in a single year is still pretty good.

If the security threat numbers seem at least a little familiar, you've probably been using a Mac for several years and have heard tales of how safe OS X is compared to Windows. That was a big selling point for many people, and the huge gap between Android and iOS, we'll probably see the same types of arguments tossed around again -- just with mobile instead of desktop operating systems.

In the 1990s it was a battle between Mac OS and Windows. Now it's iOS and Android. Same as it ever was.

Popular TMO Stories




In the 1990s it was a battle between Mac OS and Windows. Now it’s iOS and Android. Same as it ever was.

From a security perspective, I’d say the main difference between the Mac/Windows and iOS/Android OS duopolies is that many said Mac was safe because of “security through obscurity”; in other words, there were too few Macs for virus writers to even bother targeting. I dare say iOS is a different game altogether.

While total Android devices do outnumber iOS devices, study after study shows that iOS owners use their devices far more, spend far greater amounts of time online, and spend far more money on online purchases, including paid-for apps. That makes iOS a far more enticing target, I would argue, for would be malware writers. It is not the low market share of the Mac that keeps iOS relatively safe, but rather the oft-condemned walled-garden of iOS that does.


Excellent point, mrmwebax.


In order for the Android’s security status to change, Google will need to change their business model, and thereby change their relationship to the Android OS by assuming stricter control over it. They could still release it at no cost to OEMs, so long as they continue to make their money selling end user data to the private sector.

Harvey Lubin

It would be interesting to find out if that 0.7% of malware attributed to iOS is primarily due to jail-broken iOS devices that download detrimental apps from sources other than Apple’s App Store, and how much of that malware (if any) is downloaded onto non-jailbroken iOS devices.

As I recall, there have only been 2 or 3 instances in the past 6 years since the first iPhone debuted, when an app containing suspected malware got into Apple’s App Store, and was subsequently removed quickly by Apple.

A recent report issued by Trend Micro says that high-risk, malicious app rates on the Google Android operating system rose to 718,000 at the end of the second quarter in comparison to 509,000 in the first quarter of this year. Compared to Android’s 718,000 malware apps, the almost non-existent examples found on Apple’s App Store would not even register at 0.7% of malware.

The conclusion would be that the 0.7% number of malware apps, are apps downloaded from other sources only on jail-broken iOS devices.

More information on that Trend Micro report can be found here:

Michael Johnston

What I like most about iOS security exploits is that they’re typically used to implement jailbreaks. Once jailbroken, those devices are often patched automatically against the same exploit. That also publicly shows Apple what needs to be patched. Those who don’t jailbreak who are then covered by the updates that Apple quickly pushes out after the exploits are made public.


Jeff, the size of the Android platform in terms of actual app-using devices is about 564 million devices worldwide according to Flurry which is only a shade larger than iOS on 510 million active devices.  (a large percentage of Android devices are just glorified featurephones that are not used for apps or browsing)

This makes the 32.8 million Android devices infected with 65,227 different pieces of malware in 2012 alone (according to NQ Mobile) equivalent to an enormous 17% of the active app-using installed base of Android devices.

Doing a little arithmetic, this compares to 0.06% (290,000) of the 510 million active iOS devices around the world which as Harvey points out probably equates to a significant proportion of jailbroken devices.

Take for example just one of these Android malware strains - the EuroGrabber Android malware which is as easy to be infected with as clicking on a link in an email. This malware swiped $47 million dollars straight out of the bank accounts of 30,000 users in 2012.

Another one of the multitude is the Android.Bmaster command and control botnet malware which has been siphoning between $547,500 to $3,285,000 off hapless Android users per year. This is an example of the Clear and Present Danger affecting Android users the world over, something pretty much completely absent for iOS users.

Then there is the enormous Master Key security hole affecting 99% of all Android devices since launch that can give malware full access to all system and user data and control phone and SMS functions with direct financial implications and turn the Android device into an always-on, always-moving, hard to detect botnet Zombie.

And then there is the Google Messaging Service security hole being used by hackers to steal Android users’ data and forcing them to send paid SMS messages.

Android is swiss cheese from a security standpoint and Android users are reaping the whirlwind.

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account