Almost All Mobile Malware Targets Android Says F-Secure

More than 99 percent of new mobile malware targets Android, but someone, somewhere is still targeting Symbian

Almost all new mobile threats target Android, says F-Secure, which warns that the new types of threats being created indicate that the mobile malware landscape is becoming increasingly complex and sophisticated.

The security firm says 277 new threat families and variants were discovered in the last three months, 275 of which targeted Google’s mobile operating system, with one targeting iOS and another targeting the increasingly irrelevant Symbian platform.

Of these threats, the majority sent silent SMS messages to premium rate phone numbers, but F-Secure also detected a number of firsts for the Android platform in the past three months.

Android malware

Android-Fragmentation-largeThe new types of malware include the first cryptominer, which hijacks a device to mine for virtual currencies, the first bootkit, which attacks the device during its bootup routine, making it difficult to detect and remove, and the first instance of a Windows banking Trojan making the jump to Android.

“These developments give us signs to the direction of malware authors,” says Mikko Hyppönen, Chief Research Officer at F-Secure. “We’ll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.”

F-Secure says it will be interesting to see whether the next version of Android has any impact on the activities of mobile malware as version 4.2 will require users to confirm before an SMS is sent to a premium rate number.

Other popular activities of mobile malware include the silent downloading of files, data theft and banking fraud, while others pretended to be anti-virus software despite having no such functionality or silently connected to websites to boost traffic.

New types of threat

Another development was malware charging a fee for the use, update of installation of an otherwise free application, while F-Secure also noted the emergence of the Dendroid toolkit, which promises to make creating mobile malware as easy as a few clicks by mimicking the virus construction kits and exploit kits available for PCs.

The one threat for iPhone only affects a jailbroken device, and hacks advertising modules in apps to display alternative advertising, while the one Symbian threat simply sent silent SMS messages.

F-Secure notes that some of this malware can reach the Google Play store with many users downloading malicious apps before Google can remove the software from the marketplace. The search giant recently promised to refund all users who downloading fake AV app Virus Shield, and offered them a $5 voucher in an effort to restore their confidence.

Are you a security pro? Try our quiz!