Top Q1 Mobile Threat Target: Android

Thursday, May 1, 2014 @ 05:05 PM gHale

Just about all of the new mobile threats discovered in the first quarter of 2014 targeted Android users, according to by F-Secure Labs’ Mobile Threat Report.

Of the 277 new threat families and variants discovered in Q1, 275 targeted Android, one iPhone, and one Symbian. That means 99 percent of the threats focused on Android. In comparison, the same quarter last year brought 149 new threat families and variants, 91 percent of which targeted Android, researchers said.

Firms Watch Data Walk Out the Door
Security and Safety: Perfect Together
All Companies Host Malware: Report
Users Breaching Security Policies

The first quarter also saw a number of firsts for Android malware. This indicates the mobile threat landscape is continuing to develop in sophistication and complexity.

The quarter saw the first cryptocurrency miner, which hijacks the device to mine for virtual currencies such as Litecoin, said researchers at F-Secure. It saw the first bootkit, which affects the earliest stages of the device’s bootup routine and is extremely difficult to detect and remove. It saw the first Tor Trojan and the first Windows banking Trojan for Android.

Great Britain experienced the highest level of mobile malware measured by F-Secure in Q1, with 15-20 malware files blocked per 10,000 users there, or about 1 in 500 users. The U.S., India and Germany all had 5 to 10 malware blocked for every 10,000 users. And in Saudi Arabia and the Netherlands, 2 to 5 malware blocked per 10,000 users.

The report finds 83 percent of mobile Trojans send SMS messages to premium numbers or SMS-based subscription services.

Here’s a list of the most common malicious activities for mobile Trojans:
• Sending SMS messages to premium-rate numbers
• Downloading or installing unsolicited files or apps onto the device
• Silently tracking device location or audio or video to monitor the user
• Pretending to be a mobile AV solution but actually having no useful functionality
• Silently connecting to websites in order to inflate the site’s visit counters
• Silently monitoring and diverting banking-related SMS messages for fraud
• Stealing personal data like files, contacts, photos and other private details
• Charging a “fee” for use, update or installation of a legitimate and usually free app.

Click here to download F-Secure Labs’ Mobile Threat Report.

Leave a Reply

You must be logged in to post a comment.