The number of mobile malware variants targeting smartphone and tablet users has risen by 49 percent since 2012, according to Finnish security firm F-Secure, with Android the overwhelming target for crooks.
The firm reported that the number of mobile malware variants active in the wild rose from 100 to 149 in its Q1 2013 Threat Report, published on Tuesday. Google Android remained the most insecure ecosystem, with 91 percent of the malwares targeting the platform. Below it, Nokia's ancient Symbian operating system spoke for the other nine percent of known mobile malwares.
F-Secure said the complexity of the attacks also increased during the period and that criminals are now using spam as well as Trojanised apps to infect Android devices. Previously, the majority of Android malware was hidden in apps on the official Google Play store and third party marketplaces.
F-Secure security analyst Sean Sullivan said the move to spam is an alarming one as it will allow criminals to create more tailored targeted attacks to dupe their victims into clicking infected links, or downloading malicious attachments. Sullivan highlighted a recent spam campaign attempting to spread the Stels Trojan by masquerading as a message from US Internal Revenue Service, as an example of how dangerous criminals' use of spam could be.
The message purported to be a legitimate message about the user's tax, instructing them to click on an attachment contained in the message. When downloaded, the attachment infected the Android handset with the crimeware, letting the criminals steal information stored on the device and steal money by making calls to premium numbers. Sullivan listed the scam as a "game changer" in the security community.
The report also highlighted a recent fraud scam in India as a further example of how ingenious criminals' mobile scams can be. It said: "[This quarter marked the] discovery of the first Android advanced fee fraud. [It targets users with a] fake job ‘offer' Android app in India that informs the user is they are being considered for a position at Tata Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit."
F-Secure's findings mirror those of numerous other security vendors. Prior to it, competing security firm Trend Micro predicted that criminals' interest in Android will grow and that the number of threats targeting Android will break past the one million mark by the end of 2013.
For security tips to help protect your Android device, click on the video below.