Apple’s iOS Led Mobile Vulnerabilities in 2014 Says Symantec

There are now more than 1 million malicious apps out there. But that’s just the tip of the iceberg, since there are perhaps as many as 2.3 million grayware apps, which aren’t technically malware but display “undesirable behaviour, such as bombarding the user with advertising,” according to Symantec’s latest Internet security threat report ISTR Report Vol. 20.

After carefully analyzing the data gathered from 157 countries during the past year, the security firm concluded that the number of Android malware families continued that downward trend: only 46 new families were discovered.

Don’t jump to early conclusions: this doesn’t indicate that the problem is going away. It does show, however, that the innovation is slowing. Since the malware is effective enough, the demand for new software is dropping.

On the iOS side, the charts show exactly the opposite. After analyzing more than 6.3 million apps in 2014, Symantec classified 2.3 million apps as grayware and a further 1.3 millions apps within the grayware category as madware. (This section is rather interesting: there were a total of 3.17 million apps available in all major app stores as of July 2014 — Google Play, App Store, Windows Phone Store, Amazon Appstore, and BlackBerry World — according to Statista. As of the writing of this article, there are 2.15 millions apps approved in the App Store but only 1.41 million available. We’ve reached out to Symantec to clarify that info. We’ll update the post as soon as we hear back.)

In 2014, Symantec discovered 168 mobile vulnerabilities, up 32% compared to the previous year. What’s alarming, though, is that 84% of those vulnerabilities related to iOS in 2014. This is a stark contrast to Android’s 11% or BlackBerry’s 4%.

The lengthy report also highlights another trend: the use of private information. An alarming percentage of apps collect and send personally identifiable information to app developers. Although customers do worry about app security, the Symantec survey suggests that consumers are their own worst enemies when it comes to mobile privacy: they are willing to trade their privacy for a free app.