F-Secure, one of the world’s leading online security companies based in Finland, has just released its Q1 2014 mobile threat report which shows what threats are affecting which mobile devices. For the first quarter of this year there were 277 new mobile threats discovered all but two targeted Android devices. Of the two new threats detected not affecting the Android platform, one targeted the iPhone while the other targeted Symbian devices.
The report also showed a number of firsts for the Android platform. The first cryptocurrency miner has appeared for Android during the first quarter of this year. This malware uses a device to mine virtual currencies without the knowledge of the device owner. The first bootkit has also appeared which affects the early boot stage of a device and is more difficult to detect and remove. The first Tor Trojan and the first Windows banking Trojan that jumped over to the Android platform has also appeared.
According to Mikko Hyppönen, Chief Research Officer at F-Secure, “These developments give us signs to the direction of malware authors. We’ll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.”
Of the countries that had the most number of malware incidence Great Britain topped the list with 15-20 malware files blocked per 10,000 users. The United States, India, and Germany were next with 10 malware blocked for every 10,000 users. Saudi Arabia and the Netherlands followed with 2-5 malware blocked for every 10,000 users.
What do these mobile threats do when they infect a device? Their most common activities are listed below.
- Sending SMS messages to premium-rate numbers
- Downloading or installing unsolicited files or apps onto the device
- Silently tracking device location or audio or video to monitor the user
- Pretending to be a mobile AV solution but actually having no useful functionality
- Silently connecting to websites in order to inflate the site’s visit counters
- Silently monitoring and diverting banking-related SMS messages for fraud
- Stealing personal data like files, contacts, photos and other private details
- Charging a ‘fee’ for use, update or installation of a legitimate and usually free app
In order for Android device owners to protect themselves from mobile threats it is very important to get apps only from authorized sources such as the Google Play Store. It also helps if a security software is installed on a device which can scan and protect it from known threats.