Now more than ever your smartphone has replaced the PC as the most important smart connected device. Put yourself in a hacker's shoes, the data stored in your smartphone is extremely valuable and worth a lot to criminals. Your phone stores your personal videos and family photos. It knows where you are, who you’ve just talked to, and what you’ve told them about. What’s even worse, it stores your email passwords, bank accounts, credit card transactions, and more. For attackers, nothing knows more about you than your smartphone. And believe it or not, chances are that your smartphone has been compromised. 

Our research findings further confirm that attacks on smartphones are on the rise. DDoS attacks generated by compromised iOS devices increased by 58.45 percent in Q2 2019 from Q1 2019. Whether these compromised devices were jailbroken, infected by malware or contain zero-day exploits, the observation suggests that all smartphones are vulnerable to being leveraged to extract a user’s sensitive data or hijacked into a botnet. But interestingly, DDoS attacks originated from Android devices decreased by about 82 percent over the same period. There could be many reasons behind this phenomenon, such as improved security awareness among Android phone users, a change in market share, or even the trade war. 

By protocol, most attack traffic generated by mobile devices are HTTPS attacks. But that’s only a conservative estimation, as we counted security incidents as DDoS attacks by judging whether they are application attacks, match known attack behaviour, consist of suspicious HTTP headers, or come from blacklisted IP addresses. In other words, we didn’t count those that use spoofed IP addresses, like volumetric attacks. So the real picture remains hidden. The real situation is probably worse than this observation. Not only are mobile botnets growing possibly exponentially right now, but they are also growing in both sophistication and reach.