Mobile malware threats jump 26% in third quarter

The number of mobile malware threat families increased by 26% in the third quarter of 2013 to 259, according to F-Secure.

The number of mobile malware threat families rose to 259 in the third quarter of the year, a 26% increase on the previous quarter, according to F-Secure’s latest Mobile Threat Report.

The report is based on data from the official Android Play Store and Apple App Store, third-party app markets and anonymised data from F-Secure mobile security customers.

Malware targeting Google’s Android operating system makes up 97% of threats, with those targeting the Symbian operating system making up the remainder.

Malware authors continue to concentrate on the Android platform, the report said, as Android holds 79.3% of the total market share in mobile phones and tablet devices.

No malware has been recorded in 2013 on the BlackBerry, iOS or Windows Phone platforms.

In another step in the march towards Android malware commoditisation, a new toolkit called Androrat APK binder appeared in July.

Malware authors continue to concentrate on the Android platform. No malware has been recorded in 2013 on the BlackBerry, iOS or Windows Phone platforms

F-Secure Mobile Threat Report

The toolkit simplifies the process of inserting malicious code into legitimate Android apps, according to the report.

Another trend indentified in the third quarter is the increasing growth of profit-motivated threats that typically make monetary profit by sending premium-rate SMS messages from infected devices, without the user's consent.

This rise could be attributed to the continued growth in large SMS-sending trojan families such as FakeInst, OpFake, PremiumSms and SmsSend, the report said.

One in five mobile threats are now bots, which is a sign that complexity of Android malware is increasing, the report said.

However, fewer malware threats are appearing in the Google Play store due to enhanced security measures.

More on mobile malware

Instead, the growing concern in Google Play is with apps that infringe on privacy by collection excessive data.

“People understand there’s something questionable about giving their information to big data, yet they give a lot of the same information to questionable apps all the time,” said Sean Sullivan, security advisor at F-Secure Labs.

But at least with companies such as Google there is some accountability and some established privacy practices, he said. For example, if users delete a Gmail account, Google will delete the data.

“But with these little apps, you have no idea what they’re doing with your data. And do you know what they’re doing? They’re selling it to marketing networks,” said Sullivan.

Read more on Hackers and cybercrime prevention