Almost all new mobile threats target Android, says F-Secure, which warns that the new types of threats being created indicate that the mobile malware landscape is becoming increasingly complex and sophisticated.
The security firm says 277 new threat families and variants were discovered in the last three months, 275 of which targeted Google’s mobile operating system, with one targeting iOS and another targeting the increasingly irrelevant Symbian platform.
Of these threats, the majority sent silent SMS messages to premium rate phone numbers, but F-Secure also detected a number of firsts for the Android platform in the past three months.
“These developments give us signs to the direction of malware authors,” says Mikko Hyppönen, Chief Research Officer at F-Secure. “We’ll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.”
F-Secure says it will be interesting to see whether the next version of Android has any impact on the activities of mobile malware as version 4.2 will require users to confirm before an SMS is sent to a premium rate number.
Other popular activities of mobile malware include the silent downloading of files, data theft and banking fraud, while others pretended to be anti-virus software despite having no such functionality or silently connected to websites to boost traffic.
Another development was malware charging a fee for the use, update of installation of an otherwise free application, while F-Secure also noted the emergence of the Dendroid toolkit, which promises to make creating mobile malware as easy as a few clicks by mimicking the virus construction kits and exploit kits available for PCs.
The one threat for iPhone only affects a jailbroken device, and hacks advertising modules in apps to display alternative advertising, while the one Symbian threat simply sent silent SMS messages.
F-Secure notes that some of this malware can reach the Google Play store with many users downloading malicious apps before Google can remove the software from the marketplace. The search giant recently promised to refund all users who downloading fake AV app Virus Shield, and offered them a $5 voucher in an effort to restore their confidence.
Are you a security pro? Try our quiz!
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…
New chapter for LastPass as it becomes an independent company to focus on cybersecurity, after…
US FCC seeks to ban Chinese telecom firms at centre of national security concerns from…
Two updates to Anthropic's AI chatbot Claude sees arrival of a new business-focused plan, as…