[skolor]

Right, but the iPhone user would find it a lot more noticible. The reason botnets can exist are because they users of the infected computer don't try to fix it. With a phone, the incentive to fix the problem is much biger: it eats up 100% of your available resources every time it attacks someone.

[SamAtt]

Yes, if the people making the malware were complete idiots and ran down people's batteries it would be noticeable. But, as on the PC, I'm sure they could find a way to make it just subtle enough to not be noticed. Estimates place the number of personal PCs infected with some kind of malware as high as 89% (http://www.webroot.com/resources/stateofspyware/excerpt.html) so I have to believe they could find a way to con a good percentage of cell phone users if given the chance.

[skolor]

That is because malware is a very general term, since it applies to everything from a full blown virus that destroys your computer to a tracking cookie that reports back to a server what you do online.

The reason malware is able to run rampant on computers is simply because of their versatility. A piece of phone malware is fairly limited. The botnet analogue is an auto-dialer, which completely ties up the phone's primary resource (its phone line). On a botnet, it may tie up a good portion of the computers connect, but enough gets through that the user just deals with it.

Actually, if all the malware was doing was draining the battery I doubt the phone users would notice at all. They would assume their phone was getting old and losing its charge, the same way users now assume the reason computers gets slow is because its getting old.

I just don't see any reason for phone-based malware. There are two types of malware: High intrusion and Low intrusion. High intrusion are things like Botnets and Auto-spammers. They tie up a lot of the computer's resources in order to make a profit off of them. The Low intrusion malware are things like tracking cookies and keyloggers. They exist because they gather data, and then send it en-masse to a server, where it is analysed and sold.

High intrusion on a phone does not have any place. The user will take their phone back to their provider because it doesn't work. You can't tie up just part of a phone line, its all or nothing. You could tie up part of the internet connection, but the user is paying for that out the nose and will notice any sizable use of the connection.

Low intrusion is possible, but users (at least from my experience) don't do anything particularly useful for that kind off malware on their phones. You can steal their browsing history (maybe), or their call logs/messenging, but the second isn't valuable (a little, but not much, definitely not worth the risk), and the first, from my experience isn't valuable. Users just don't go to those high value sites (bank sites and the like) on their phones.