Abstract— Mobile malware has gained significant ground since the dawning of smartphones and handheld devices. TrendLabs estimated that there were 718,000 malicious and high risk Android apps in the second quarter of 2013. Mobile malware malicious infections arise through various techniques such as installing repackaged legitimate apps with malware, updating current apps that piggy back malicious variants, or even a drive-by download. The infections themselves will perform at least one or multiple of the following techniques, privilege escalation, remote control, financial charge, and information collection, etc. This paper summarizes mobile malware threats and attacks, cybercriminal motivations behind malware, existing prevention methods and their limitations, and challenges encountered when preventing malware on mobile devices. The paper further proposes a cloud-based framework for mobile malware detection. The proposed framework requires a collaboration among mobile subscribers, app stores, and IT security professionals. The cloud-based malware detection is a promising approach towards mobile security.