Over 99% of new mobile threats discovered in the first quarter of this year targeted users of the Android platform, with a number of firsts emerging in 2014 so far.
This is according to Finland-based anti-virus vendor F-Secure Labs' latest Mobile Threat Report. The security firm says 277 new threat families and variants were discovered over the past four months - 275 of which targeted Android, one iPhone, and one Symbian. In comparison, the same quarter last year brought 149 new threat families and variants, 91% of which targeted Android.
The first quarter also saw a number of firsts for Android malware, which F-Secure says indicates the mobile threatscape is continuing to develop in sophistication and complexity.
"The quarter saw the first cryptocurrency miner, which hijacks the device to mine for virtual currencies such as Litecoin. It saw the first bootkit, which affects the earliest stages of the device's bootup routine and is extremely difficult to detect and remove. It saw the first Tor Trojan and the first Windows banking Trojan hopping over to Android."
Mikko Hypp"onen, chief research officer at F-Secure, says these developments give security firms signs to the direction of malware authors. "We'll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cyber criminals to profit by using them to mine for cryptocurrencies."
Activity and prevention
The mobile threat report found 83% of mobile Trojans send SMS messages to premium numbers or SMS-based subscription services - by far the most common malicious activity.
The following is a list of the most common malicious activities that mobile Trojans engage in, according to F-Secure:
1. Sending SMS messages to premium-rate numbers.
2. Downloading or installing unsolicited files or apps onto the device.
3. Silently tracking device location or audio or video to monitor the user.
4. Pretending to be a mobile AV solution, but actually having no useful functionality.
5. Silently connecting to Web sites in order to inflate the site's visit counters.
6. Silently monitoring and diverting banking-related SMS messages for fraud.
7. Stealing personal data like files, contacts, photos and other private details.
8. Charging a "fee" for use, update or installation of a legitimate and usually free app.
In terms of what users can do to protect themselves from these malicious activities, the company suggests:
1. Lock the device: Despite concern around online-based attacks, the easiest way for malware to get on a device is still for someone to secretly manually install it.
2. Use anti-theft protection: Anti-theft protection provides the ability to remotely wipe the data on the device, including on removable media, if you think the device is irretrievable.
3. Set up message barring: If the Android device isn't using OS version 4.2 (Jellybean), consider requesting a call or SMS barring service (also known as "premium-rate blocking") from the operator to prevent unwanted outgoing calls or messages.
4. Download only from trusted sources: By default, Android devices block installation of apps from any source other than the Play Store. Make sure the device only allows Play Store apps by looking in Settings > Applications/Security > Unknown sources. If the checkbox is checked, non-Play Store apps can be installed. Uncheck this.
5. Scrutinise permission requests: Whether downloading from the Play Store or other sources, check the app's list of requested permissions. Does it ask for Internet connection, to save files to external storage, or to be allowed to send SMS messages? Check the developer's site to see why the permissions are needed and look at reviews for feedback from other users.
6. Scan downloaded apps: If downloading an app from another source, use a reputable mobile anti-virus to scan it before installing.
Share