Cyber criminals continue to target Android smartphones

Nearly all new mobile threats in the first quarter of this year targeted Android users, latest research shows

Nearly all new mobile threats in the first quarter of this year targeted Android users, latest research shows.

F-Secure Labs said more than 99% of malicious threats to mobile devices were targeted at Android. Its latest Mobile Threat Report identified 277 new threat families and variants, of which 275 targeted the Android operating system, one targeted iPhone and one Symbian.

During the first quarter of last year, there were 149 new threat families, with 91% of them targeted at the Android platform.

The first quarter of 2014 also saw a number of new malwares, including the first cryptocurrency miner, which hijacks the device to mine for virtual currencies, such as Litecoin. It also saw the first bootkit, which affects the earliest stages of a device’s bootup routine, the first Tor trojan and the first Windows banking trojan.

Mikko Hyppönen, chief research officer at F-Secure, said: “These developments give us signs as to the direction of malware authors. We are very likely to see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cyber criminals to profit by using them to mine for cryptocurrencies.”

The first quarter also saw the UK experience the highest level of mobile malware, with 15-20 malicious files blocked per 10,000 users. The US, India and Germany all saw five to 10 malware files blocked per 10,000 users, while in Saudi Arabia and the Netherlands, two to five files were blocked per 10,000 users.

What do mobile threats do once they have infected a device?

The F-Secure Labs report finds that 83% of mobile trojans send SMS messages to premium numbers or SMS-based subscription services – by far the most common malicious activity. Others include:

  • Downloading or installing unsolicited files or apps onto the device.
  • Silently tracking device location or audio or video to monitor the user.
  • Pretending to be a mobile AV solution but actually having no useful functionality.
  • Silently connecting to websites in order to inflate the site’s visit counters.
  • Silently monitoring and diverting banking-related SMS messages for fraud.
  • Stealing personal data like files, contacts, photos and other private details.
  • Charging a ‘fee’ for use, update or installation of a legitimate and usually free app.

Read more on Business continuity planning