Franklin Heath Ltd

Master Your Information Assets

  • Categories

  • Meta

Mobile Malware "Study": Not News

Posted by Craig H on 31 July 2009

SMobile Systems put out a press release this week, with the headline “One in 63 Smartphones Infected by Mobile Spyware and Malware”. Unfortunately this headline is grossly misleading, and it has therefore been the cause of a lot of inaccurate reports.

It’s striking that SMobile Systems have chosen not to publish any of the supporting data from this “study”. I believe this is because, when the actual data is examined, the accurate conclusion is malware or spyware found in only 31 infected smartphones, most of them obsolete, which would, of course, be of no interest to any news media.

SMobile Systems have told me that the 1,958 smartphones examined are all registered with their malware detection service. Any statistician will tell you that to draw conclusions from a small sample, that sample must be randomly selected from the total population, not self-selected. The “one in 63” conclusion is thus completely invalid (obviously someone who does have malware on their phone is far more likely to subscribe to a malware removal service than someone who does not).

I have also been told that the vast majority of the infections they are detecting are Flocker. That can only infect phones with pre-2006 versions of Symbian OS and S60. All MOAP phones, UIQ phones and S60 3rd and 5th edition phones are completely unaffected by it. As we know, there has been malware on older versions of Symbian OS, but that’s precisely why we introduced platform security in 2006, and that’s still doing it’s job very well, thank you.

7 Responses to “Mobile Malware "Study": Not News”

  1. craig said

    i’m glad you made that statement b/c i’m fed up of all these security services scare mongering to boost sales in their sector.
    I will say what i’ve been saying all long, as long as your not getting devcerts of dodgey chinese sites to install apps that are not symbian certified then 99.99999% of people will never ever get any problem with such things

    • Craig H said

      There’s a good, sceptical, article on The Register now. I like “the most dangerous infection one of you is going to be carrying is probably swine flu”🙂

  2. […] 1 Aug: Symbian Foundation has done some research on this and it turns out the malware SMobile found is very old and only on pre-2006 […]

  3. […] H, from the Symbian Foundation Security Blog, also noticed this bit of misleading information, and posted his rebuttal here. The Register also did a bit of digging and […]

  4. […] probably be more popular but not proud. Colleague Craig Heath posted a brief explanation on the Symbian Security Blog. This entry was written by Anatolie Papas, posted on August 2, 2009 at 8:16 PM, filed under Links […]

  5. Very useful information, always good to learn more.

  6. […] Group to see if we can publish some; still, I’m personally convinced it’s nowhere near “1 in 63″! Statistics on the theft of phones are easier to come by. In the UK, a 2009 report published by a […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: