by turquoisevar 995 days ago
Define getting by “just fine”.

Nokia’s Threat Intelligence Report of 2021[0] shows that Windows made up over 23% of all malware infections; in 2020[1] that was almost 39%.

They seem to have skipped 2022, and 2023 doesn’t seem ready yet.

More interesting however is looking at Android since Google has made efforts to match iOS in sandboxing the last few years, as well as the context provided with the statistics.

Where 2020 “only” saw Android come in at 26.64% with iOS coming in at 1.72%, in 2021 Android accounted for a whopping 50.31% of the infections while iOS didn’t even register on the charts.

Let me repeat that again: over half of all infections in 2021 were on Android devices.

Were these super sophisticated attacks? Let’s see, because Nokia, understandably so, dedicated significant sections of their reports to Android.

In 2020 they stated (emphasis mine):

> In the smartphone sector, the main venue for distributing malware is represented by Trojanized applications. The user is tricked by phishing, advertising or other social engineering into downloading and installing the application. The security of official app stores, such as Google Play Store, has increased continuously. However, the fact that Android applications can be downloaded from just about anywhere still represents a huge problem, as users are free to download apps from third-party app stores, where many of the applications, while functional, are Trojanized. iPhones applications, on the other hand, are for the most part limited to one source, the Apple Store.

In 2021 they stated (emphasis again mine):

> Among smartphones, Android devices remain the most targeted by malware due to the open environment and availability of third-party app stores.

> […]

> The number of Trojans targeting banking information through Android mobile devices has skyrocketed, putting millions of users around the world at financial risk.

> […]

> Banking Trojans can arrive on smartphones in a variety of ways, often disguised as common and useful apps. When run, they request a variety of permissions needed to perform their desired behavior, then often remove their icon from the application pane, effectively disappearing from the device. In many cases, the apps never provide the promised functionality that enticed the phone's owner to install them and are forgotten quickly after disappearing. However, they remain installed and continue to run as background tasks, using a variety of tricks to collect user information. These may include capturing keystrokes, superimposing their own transparent overlays onto bank login screens, taking screenshots and even accessing Google Authenticator codes.

So it looks like in most cases users are being tricked into installing malware and granting permissions.

This all also explains why the whole “muh sandbox” argument carries little weight. Not only is the sandbox but a single layer of a bigger Swiss cheese model, the sandbox isn’t gonna help your mom if she’s tricked into granting permissions.

So I ask you again to define “just fine”, because from where I’m standing Windows making up more than 20% of all malware infections is far from “just fine”, let alone Android’s more than half. And I know you said x86, but the two and a half Linux users don’t really make a significant dent in statistics, nor is x86 the relevant platform for this discussion.

On top of that you can bet your ass that iOS users will be prime targets, certainly more desirable targets than random Android and Windows users, because of potential ill-gotten gains.

0: https://vpnoverview.com/wp-content/uploads/nokia_threat_inte...

1: https://onestore.nokia.com/asset/i/210088