This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

97% of mobile malware targets Android users

Share this article:

Majority of mobile threats in 2013 motivated by profit say F-Secure

Android apps too free and easy with access permissions
Android apps too free and easy with access permissions

Research just published claims to show that more than 97 percent of mobile malware is aimed at Android devices and their users.

Against a backdrop of most analysts reporting Android as accounting for  65 to 70 percent of the smartphone market, this suggests cybercriminals are actively targeting the Google mobile operating system in preference to other platforms.

F-Secure, whose 40-page H2-2013 Threat Report was released this morning, acknowledges that the Android security situation is bad.

[What is also interesting is that the mobile security vendor says that Android malware jumped from 238 threats in 2012 to 804 in 2013 - with new Symbian malware barely registering and no active new threats discovered for other smartphone platforms.

Mikko Hypponen, F-Secure's chief research officer said that mobile threats are only part of a larger threats landscape that is being driven by social media usage - which may come back to haunt today's teenagers in later life.

In fact, he says in the report, it is going to be interesting to watch presidential elections in around 2040, as the teenage angst pics and posts of all candidates will be dug out from old social media and discussion forum archives for everyone to see.

Other issues such as the hot topic of government surveillance, meanwhile, is not about governments collecting the information you are sharing publicly and willingly, but is more about collecting the information you do not think you're sharing at all.

This includes information such as the online searches you carry out with search engines - as well as your mobile's location and your private emails plus text messages.

"But just because it can technically be done doesn't make it right. Our enemies keep changing. We used to fight the online hackers, then the online criminals. Nowadays we worry more and more about governmental action," he noted.

Back on the mobile track, F-Secure's H2-2013 threat report says that repackaged apps pose a security risk, since they typically ask for more permissions than the original non-trojanised programs, which is the ‘weak point' that allows the app to complete its malicious routines.

Repackaged apps, says the report, are essentially an updated take on social engineering, since they take advantage of the user's overriding desire to install and use a popular app to gain the permissions needed to execute their malicious behaviour.

The main driver behind mobile security threats, the report concludes, is not mischief, but sheer profit - with the majority of mobile threats F-Secure saw in 2013 being motivated by profit.

Commenting on the report, Rob Bamforth, a Principal Analyst with business and security research house Quocirca, said the conclusion  is that the vast majority of mobile malware is affecting Android - even though the mobile operating system's market share is much less than this percentile - reflects the fact that Android is a much softer target for cybercriminals than other platforms,

"By software I mean from an operating system perspective," he said, adding that this may be due to lack of control over the Android ecosystem, as compared to the controls on apps and other issues imposed by Apple on its platform.

Basically, he told SCMagazineUK.com, the control over the Android ecosystem just isn't there.

"You don't get this problem with, for example, Apple, as the iOS platform is a closed and heavily controlled apps environment,” he said.

On the other hand, the Quocirca analyst went on to say, Android has established a reputation amongst its users as being an open an innovative mobile platform - even if there are a large number of variances when compared to other mobile operating systems

"My view is that Android is going the same way as Java. As each different version appears, it shares different elements of the software stack. This variance is unique to Android, and doesn't apply to the Windows or Apples mobile platforms, which do not share stacks," he concluded.

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Banking Trojans target energy sector as APTs

Banking Trojans target energy sector as APTs

Banking Trojans are increasingly being used to launch advanced APT attacks, says IBM Trusteer, which has revealed a recent attack on several petrochemical companies in the Middle East using Citadel ...

Britain's small cyber security firms get £4m boost

Britain's small cyber security firms get £4m boost

Business secretary Vince Cable has launched a new £4 million government competition to help the UK's small cyber security businesses find new ways to combat the cyber threat.

GCHQ 'spied on Germany's Deutsche Telekom'; Germans sell spyware

GCHQ 'spied on Germany's Deutsche Telekom'; Germans sell ...

UK and US spies reported to spy on Deutsche Telekom in Snowden documents, while Germany's FinFisher accused of supplying surveillance software to repressive regimes.