Jamf Blog
A hand is holding an iPhone with a MacBook Pro in the background. The iPhone is displaying an alarming graphic notifying the user that it is infected with malware.
July 7, 2023 by Liarna La Porta

Back to security basics: malware

Let's go back to the basics and learn about the various threats that affect mobile devices. In this blog, we'll discuss what mobile malware looks like, how it gets onto your device and what to do if your device has been infected.

Chances are, your mobile device doesn’t have the same security defenses as your work laptop or desktop computer. That’s why it’s important that you, the end user, do all you can to protect yourself from cyber threats. This article focuses on malware: how to recognize if your mobile device is infected, how it happens and what to do next.

What is malware?

Short for “malicious software”, malware is software designed to cause damage to a computer, server or network. It is often found masquerading as software, files or media that are desirable and don’t appear malicious to the casual observer. Malware is often referred to as a virus or infection, and can come in many forms including the following types:

  • Adware is designed to show frequent ads to a user in the form of pop-ups, sometimes redirecting you to malicious webpages or applications
  • Banker malware attempts to steal users’ bank credentials without their knowledge
  • Ransomware demands money from you in exchange for the files or the functionality of the devices being ”held hostage”
  • Rooting “roots” the device, essentially unlocking the operating system and obtaining escalated privileges
  • SMS malware manipulates devices to send and intercept text messages resulting in SMS charges without you knowing
  • Spyware monitors and records information about your activity on your device without your knowledge or permission
  • Trojan malware hides itself within a piece of seemingly innocent software
  • Mobile bot networks are a network of devices infected with malware that is remotely controlled and designed to execute DDoS attacks, cryptomining or other distributed malicious activity

Do mobile phones get malware?

Mobile phones used to be a lot simpler. Owners of the iconic >3/4” thick, indestructible Nokia 3310 didn’t have to worry as much about the physical or cybersecurity of their phones. But those times are over, especially as our favorite pocket-sized devices consist of hardware and software much more akin to laptop or desktop computers.

Here are some quick stats from Verizon’s 2022 Mobile Security Index reported over 12 months:

  • 58% of companies have more users using mobile devices
  • 59% of mobile users are doing more with their devices
  • 53% of mobile devices have access to more sensitive data

The increase in usage and access to sensitive data makes these devices increasingly a target for bad actors — the same report says nearly half of the companies they surveyed had a compromise involving a mobile device in the last 12 months.

So again, do mobile phones get malware? Simply put: yes.

Is mobile malware the same as PC malware?

We listed some malware types above — these can certainly show up on both mobile devices and traditional workstations, but how do these manifest on a mobile device?

Bad actors exploit both the intrinsic properties of mobile devices (like their small screen and mobility) and user behavior (like user trust in apps and how they handle updates).

Mobile devices have smaller screens, making it more difficult for even security-aware users to vet any suspicious links since links are truncated and can’t always be “hovered” over to preview. This makes users more susceptible to phishing attacks or malicious links. And how many times have you or someone you know connected to the Wi-Fi in a coffee shop, restaurant, store, etc? These networks, always unsecured, leave your devices vulnerable to man-in-the-middle (MitM) attacks, exposing your data to bad actors and potentially compromising your device with implanted adware or other malware.

It’s (nearly) an accepted fact that laptops and desktops need malware protection, but this doesn’t carry over to mobile devices. Users tend to be less security-minded when it comes to their phones; the mobile nature of these devices carries over to their quick, less-thoughtful usage, meaning bad actors have to do less work to wreak havoc. That suspicious email you’d scrutinize on your laptop? You might not think twice about its legitimacy on your phone, clicking legitimate-looking links that take you to a spoofed website. Users also tend to trust apps offered on native or third-party app stores, but these are not always guaranteed safe with some malicious apps making it onto app stores. Users don’t always investigate why some apps need the permissions they request — why would a calculator app need access to my camera and location, for example?

Additionally, it’s common for users to defer both app and OS updates, even if they involve security updates to critical vulnerabilities.

In other words, there a few ways bad actors attack your device:

  • Infected applications: hackers infect known applications or create their own and are usually downloaded from third-party app stores
  • Malvertising: online advertisements are infected with malware, distributed by ad networks and appear silently on legitimate sites
  • Scams or phishing: rely on the user being redirected to a malicious web page after clicking on a malicious email, text message, or pop-up screen
  • Direct to device: requires direct access to the device to download or sideload malware

How do you identify malware on your device?

A few signs you’ve got mobile malware and your device has been compromised include:

  • Battery draining faster
  • Pop-up ads
  • Unexplained apps
  • A surge in data consumption
  • Unexplained charges
  • Reduced performance

What to do if you think your device has been infected with malware?

So you’ve got malware, what now?

Reset or restore your device following these steps for iOS:

  1. Use iCloud to back up the data on your device
  2. Go to Settings > General > Reset
  3. Click “erase all content and settings” to clear all apps and data
  4. Restart your iOS device and set it up again.
  5. Sign in to iCloud when you set up your iOS device and restore your backed-up data.
  6. Review and re-download safe apps again from the App Store.

If your mobile device is managed by an organization, check to see if the organization has a mobile threat defense product deployed and notify your security team.

Watch out for warnings of identity theft and put a fraud alert or credit freeze on your credit account.

Mobile malware prevention

The best remedy is prevention. Stay safe from malware by following this guidance:

  • Don’t download apps from third-party app stores
  • Don’t jailbreak your device
  • Read the reviews before downloading apps
  • Install OS updates as soon as they are available to ensure important security patches are in place
  • Check app permissions before installing an app in case it is asking to access something it doesn’t need to, such as camera access for a calendar app, for example.

Protect your mobile devices with Jamf Protect.

Photo of Liarna La Porta
Liarna La Porta
Jamf
Liarna La Porta, Manager, Corporate Communications
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.