One More Reason NOT to Jailbreak Your iPhone and Android’s Latest Market Share Win

This week, researchers revealed that AdThief, also known as Spad, has infected 75,000 jailbroken iOS devices, stealing revenue from approximately 22 million ads, since March 2014. Yes, the malware only targets jailbroken iOS devices (you can relax this time, Android fans), utilizing 15 mobile adkits including AdMob, AdWhirl and Google Mobile Ads to name a few. The malware switches the developer’s ID to that of the attacker, effectively redirecting revenue from each ad view or click, to the clever crook’s pocket. Although details on how the malware spreads and infects are unknown, most likely it proliferates through voluntary downloads of trojanized apps from third party iOS app stores.

Appthority’s tip of the day: Simply put, don’t jailbreak your iPhone (or root your Android device). A jailbroken phone can download apps from anywhere, not just the Apple App Store, where security checks on uploaded apps are rigorous. Jailbreaking or rooting nullifies the many built-in protections in iOS and Android, ups the possibility of encountering a counterfeit app and, coincidentally, your likelihood of malware infection.

In other news, according to a study from Good Technology, Android made gains in the workplace last quarter, while Apple lost a bit of its stronghold. Researchers found that iOS lost five percent of the market share (decreasing from 72 percent to 67 percent), as Android advanced to control 32 percent of activations in the enterprise. What does this mean for enterprise security administrators? iOS is considered by many to be a more secure mobile operating system than Android, when it comes to malware. As such, enterprise executives should take this into consideration as they evaluate their operating system options for their organizations in BYOD and COPE approaches.

That said, Appthority’s Summer 2014 App Reputation Report research found that mobile malware infects only .4 percent of mobile apps in the enterprise and 0 percent of apps found in the top 400 apps. Although malware is created to compromise device security or data, malware is not the primary threat to user privacy or enterprise security on mobile devices because it is seldom found on enterprise devices. In terms of corporate data security and corporate privacy, the Appthority report found that both iOS and Android exhibited very similar risks. Of course, if you root or jailbreak your phone, that’s a different story (see above).

Thoughts or comments on our new App Reputation Report? Reach the Appthority team on Twitter at @Appthority.