Back to security basics: malware

Jamf

Chances are, your mobile device doesn’t have the same security defenses as your work laptop or desktop computer. That’s why it’s important that you, the end-user, do all you can to protect yourself from cyber threats. This article focuses on malware: how to recognize if your mobile device is infected, how it happens, and what to do next.

 

What is malware?

Short for ‘malicious software’, malware is software designed to cause damage to a computer, server, or network. It is often found masquerading as software, files, or media that are desirable and don’t appear malicious to the casual observer. Malware is often referred to as a virus or infection, and can come in many forms including the following types:

  • Adware is designed to show frequent ads to a user in the form of pop-ups, sometimes redirecting you to web pages or applications
  • Banker Malware attempts to steal users’ bank credentials without their knowledge
  • Ransomware demands money from you in exchange for the files or the functionality of the devices being ‘heldhostage’
  • Rooting ‘roots’ the device, essentially unlocking the operating system and obtaining escalated privileges
  • SMS Malware manipulates devices to send and intercept text messages resulting in SMS charges without you knowing
  • Spyware monitors and records information about your activity on your device without your knowledge or permission
  • Trojan Malware hides itself within a piece of seemingly innocent software
  • Mobile bot networks are a network of devices infected with malware that is remotely controlled and designed to execute DDOS attacks, crypto mining, or other distributed malicious activity

 

What are the signs your device might be compromised by malware?

A few signs you’ve got mobile malware and your device has been compromised include:

  • Battery draining faster
  • Pop-up ads
  • Unexplained apps
  • A surge in data consumption
  • Unexplained charges
  • Reduced performance

 

How does mobile malware work?

Cybercriminals looking to have a greater return focus their efforts on organizations and use a variety of tactics to infect the maximum number of corporate devices. Here are a few ways mobile malware can get to your device:

  • Infected applications: hackers infect known applications or create their own and are usually downloaded from third-party app stores
  • Malvertising: online advertisements are infected with malware, distributed by ad networks, and appear silently on legitimate sites
  • Scams or phishing: rely on the user being redirected to a malicious web page after clicking on a malicious email, text message, or pop-up screen
  • Direct to device: requires direct access to the device to download or sideload malware

 

What to do if you think your device has been infected with malware?

So you’ve got malware, what now?

Reset or restore your device following these steps for iOS

  1. Use iCloud to back up the data on your device
  2. Go to Settings > General > Reset
  3. Click “erase all content and settings” to clear all apps and data
  4. Restart your iOS device and set it up again.
  5. Sign in to iCloud when you set up your iOS device and restore your backed-up data.
  6. Re-download your apps again from the App Store

If your mobile device is managed by an organization, check to see if the organization has a Mobile Threat Defense product deployed and notify your security team.

Watch out for warnings of identity theft and put a fraud alert or credit freeze on your credit account.

 

Mobile malware prevention

The best remedy is prevention. Stay safe from malware by following this guidance:

  • Don’t download apps from third-party app stores
  • Don’t jailbreak your device
  • Read the reviews before downloading apps
  • Install OS updates as soon as they are available to ensure important security patches are in place
  • Check app permissions before installing an app in case it is asking to access something it doesn’t need to, such as camera access for a calendar app, for example.

Read Jamf's Cloud Security Report 2021 that takes a closer look at the threats that will impact your organization’s data via your most critical assets.

Jamf Cloud Security Report