Android malware threats on the rise, warns F-Secure

Android Malware. It’s something that we hear a fair bit about at Ausdroid, and it’s something that you probably should be mindful of. Every so often, digital security companies put out their research on the current trends in security threats, and F-Secure has just released their Q1 2014 findings.

F-Secure claims that over 99% of the new mobile threats they discovered targeted Android, and it’s easy to understand why: it’s fast becoming the most popular platform, and unlike iOS with its strongly enforced walled-garden approach, the security model on Android is different, and arguably more permissive, which allows greater opportunity for malware to find its way in.

In Q1 2014, F-Secure found 277 new threat families and variants, 275 of which targeted Android, one iPhone, and one Symbian. In comparison, the same quarter last year brought 149 new threat families and variants, 91% of which targeted Android.

It’s not just a growth in malware that’s of concern; there’s also been a number of new threats uncovered. F-Secure found a cryptocurrency (think BitCoin) miner, which infects a user’s phone and uses their spare CPU cycles to generate currency for the operator of the hack. We’re also seeing threats which target the early boot-up stage of Android which makes them hard to remove, trojan horse type malwares, as well as those targeting online banking.

Mikko Hyppönen, F-Secure’s Chief Research Officer said:

These developments give us signs to the direction of malware authors. We’ll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.

It seems much of this malware was detected in the UK, Europe and the Middle East, with lesser findings in the US and elsewhere. However, while there isn’t much detail about infection rates in Australia, it’s highly likely that as a smart-phone adopting nation, we’re likely to be right up there. It’s just a question of whether these things are detected, and if so, reported.

More traditional threats still exist, with malware targeting premium SMS-based subscription services also remaining steady as the most common malicious activity.

F-Secure have prepared a list of the most common malware activities, below. If you see any of these things happening on your handset or on your mobile bill, it’s time to take a close look at what’s happening on your phone.

• Sending SMS messages to premium-rate numbers
• Downloading or installing unsolicited files or apps onto the device
• Silently tracking device location or audio or video to monitor the user
• Pretending to be a mobile AV solution but actually having no useful functionality
• Silently connecting to websites in order to inflate the site’s visit counters
• Silently monitoring and diverting banking-related SMS messages for fraud
• Stealing personal data like files, contacts, photos and other private details
• Charging a ‘fee’ for use, update or installation of a legitimate and usually free app

If you’re after more information about F-Secure’s research and findings, you can view the Mobile Threat Report Q1 2014 on their website.

We don’t advocate any particular company’s products in the realm of threat protection, but there are solutions from F-Secure, Trend Micro and others. You should consider them all, and consider whether you need one; those who are very careful with what they do on their smartphones would probably consider such security solutions as snake-oil, but others who are less careful, or perhaps less knowledgeable, may benefit from this kind of protection.