* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/)
* Mobile Android Is an Even...

# Mobile Android Is an Even Bigger Opportunity for Attackers Than Windows PCs

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2018%2F02%2Fsp-mobile-android-even-bigger-opportunity-attackers-windows-pcs%2F)  
[](https://twitter.com/share?text=Mobile+Android+Is+an+Even+Bigger+Opportunity+for+Attackers+Than+Windows+PCs&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2018%2F02%2Fsp-mobile-android-even-bigger-opportunity-attackers-windows-pcs%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2018%2F02%2Fsp-mobile-android-even-bigger-opportunity-attackers-windows-pcs%2F&title=Mobile+Android+Is+an+Even+Bigger+Opportunity+for+Attackers+Than+Windows+PCs&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2018/02/sp-mobile-android-even-bigger-opportunity-attackers-windows-pcs/&ts=markdown)  
\[\](mailto:?subject=Mobile Android Is an Even Bigger Opportunity for Attackers Than Windows PCs)  
Link copied  
By [Terry Young](https://www.paloaltonetworks.com/blog/author/terry-young/?ts=markdown "Posts by Terry Young")  
Feb 07, 2018  
4 minutes  
[Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)  
[Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)  
[Android](https://www.paloaltonetworks.com/blog/tag/android/?ts=markdown)  
[mobile](https://www.paloaltonetworks.com/blog/tag/mobile/?ts=markdown)  
[threat](https://www.paloaltonetworks.com/blog/tag/threat/?ts=markdown)

Mobile Android is now a bigger threat opportunity than Windows PCs -- in terms of shipments, usage, installed base and the number of vulnerable targets.

According to [Statcounter](http://gs.statcounter.com/os-market-share), at the end of 2017, the leading mobile operating system, Android OS, was the most used global operating system, surpassing usage of 17 other operating systems, including Windows. Android had surpassed Windows shipments a few years ago, reaching 1.9 billion by the end of 2017 -- nine times the shipments of traditional PCs according to [Gartner](https://www.gartner.com/newsroom/id/3816763). There are now 2.7 billion Android-based smart devices in use, compared to an estimated 1.5 billion Windows devices.

Historically, cybercriminals simply did not have enough vulnerable mobile devices out there to make significant attacks worthwhile. That's changed. Cybercriminals are in it for the money; and they look for the most vulnerable targets, in the greatest quantity, that will take the least amount of effort to breach and have the highest potential for monetary gain.

This building of mobile threat has been foreseen for some time. In 2006, roughly six months before the release of the first iPhone, [Scientific American](http://www.cs.virginia.edu/~robins/Malware_Goes_Mobile.pdf) warned about the perils of mobile malware and noted mobile malware growth at that time roughly paralleled that of computer viruses in the first two years after the first PC virus, "Brain," was released in 1986.

In 1988, computer experts dismissed viruses as inconsequential, vastly underestimating how quickly malware could grow in prevalence, diversity and sophistication. In their 2006 article, Scientific American also warned about making the same mistakes with mobile, pointing out that the bigger the target, the greater the attraction for malicious programmers and that smartphones would soon make up most of the world's computers (now true).

Outdated Windows devices have proven to be a significant security risk. About [140 million](https://www.mirror.co.uk/tech/how-many-computers-still-running-10425650) active Windows PCs are still running Windows XP, a 14-year-old operating system that Microsoft stopped updating in 2014. The massive WannaCry cyberattack last year exploited a security hole in the Windows XP operating system.

But in comparison, Android has about one billion of the 2.7 billion active devices running outdated operating systems. That's about seven times the amount of vulnerable XP devices.

Mobile devices do have had some advantages over Windows security-wise, so maybe that will help stall the pace of infection and attack going forward. Applications are more tightly controlled by OS leaders, like Apple and Google, and users must provide permission to allow access to core phone functions. There are fewer malicious actors adept in mobile software. But counter to that is the more casual attitude of subscribers towards security of their mobile devices and the fact that mobile devices have billing mechanisms built in, leading to SMS fraud.

Most mobile subscribers don't apply even the basic security passwords, and even fewer install device protection. Permissions in new apps are requested and granted broadly by impatient subscribers. The monetary incentives are also getting sweeter for cybercrime. Use of mobile for financial transactions is growing. The [GSMA](https://www.gsma.com/mobilefordevelopment/sotir) estimated that the industry processed 22 billion financial transactions in 2016 and identifies mobile technology as key to transforming access to financial services in emerging markets for hundreds of millions of people.

Our Unit 42 threat intelligence team has been analyzing threat trends and reporting on the last four years of new Android malware evolution. Check out their latest research on Android threats.

* [Android Toast Overlay Attack: "Cloak and Dagger" with No Permissions](https://www.paloaltonetworks.com/blog/2017/09/unit42-android-toast-overlay-attack-cloak-and-dagger-with-no-permissions/?ts=markdown)

* [SpyDealer: Android Trojan Spying on More Than 40 Apps](https://www.paloaltonetworks.com/blog/2017/07/unit42-spydealer-android-trojan-spying-40-apps/?ts=markdown)

* [A New Trend in Android Adware: Abusing Android Plugin Frameworks](https://www.paloaltonetworks.com/blog/2017/03/unit42-new-trend-android-adware-abusing-android-plugin-frameworks/?ts=markdown)

* [New Android Trojan "Xbot" Phishes Credit Cards and Bank Accounts, Encrypts Devices for Ransom](https://www.paloaltonetworks.com/blog/2016/02/new-android-trojan-xbot-phishes-credit-cards-and-bank-accounts-encrypts-devices-for-ransom/?ts=markdown)

* [Google Play Apps Infected with Malicious IFrames](https://www.paloaltonetworks.com/blog/2017/03/unit42-google-play-apps-infected-malicious-iframes/?ts=markdown)

Will the threat landscape for mobile networks and devices reach the attack volume witnessed with Windows devices and enterprise networks? We believe the answer is "yes," and we think the trend is well underway.

For mobile network operators, the growing number of attacks threatens their own infrastructure as well as their subscribers. Malware-infected devices can be recruited into botnets and turn against mobile infrastructure to degrade network availability. The full visibility provided by Palo Alto Networks Next-Generation Security Platform is essential as it allows mobile network operators to monitor building threats, identify already infected devices and determine appropriate action.

[](http://go.paloaltonetworks.com/mwc2018)  
[![PAN\_MWC-18\_Social-Suite\_blog\_600x200](https://www.paloaltonetworks.com/blog/wp-content/uploads/2018/02/PAN_MWC-18_Social-Suite_blog_600x200.png)](http://go.paloaltonetworks.com/mwc2018)

**[Connect with us at Mobile World Congress in Barcelona](http://go.paloaltonetworks.com/mwc2018)**

Want to learn what we're doing to help secure the new hyper-connected world that we live in? Connect with our mobile network specialists or reserve your seat at one of our speaking sessions at Mobile World Congress in Barcelona.

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Network Perimeter](https://www.paloaltonetworks.com/blog/network-security/category/network-perimeter/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Stop Zero-Day Threats in Zero Time with Nebula](https://www.paloaltonetworks.com/blog/2022/02/stop-zero-day-threats-with-nebula/)

### [5G Security](https://www.paloaltonetworks.com/blog/network-security/category/5g-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Establishing a New Approach for 5G Security](https://www.paloaltonetworks.com/blog/2018/11/sp-establishing-new-approach-5g-security/)

### [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Silent No More: Mobile Roamers Spur a Security Evolution](https://www.paloaltonetworks.com/blog/2018/11/sp-silent-no-mobile-roamers-spur-security-evolution/)

### [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Malicious Cryptocurrency Mining Digs Into Mobile](https://www.paloaltonetworks.com/blog/2018/09/sp-malicious-cryptocurrency-mining-digs-mobile/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Introducing Traps for Android](https://www.paloaltonetworks.com/blog/2018/06/introducing-traps-android/)

### [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Service Providers](https://www.paloaltonetworks.com/blog/category/service-providers/?ts=markdown)

[#### Tame the Wild, Wild West in Service Provider Networks](https://www.paloaltonetworks.com/blog/2018/05/sp-tame-wild-wild-west-service-provider-networks/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language