• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

McDonald’s job app exposes data of 64 Million applicants

 | 

Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

 | 

U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

 | 

UK NCA arrested four people over M&S, Co-op cyberattacks

 | 

PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

 | 

Qantas data breach impacted 5.7 million individuals

 | 

DoNot APT is expanding scope targeting European foreign ministries

 | 

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Malware
  • Security
  • Mobile Threat Report for Q1 2013, the monopoly of Android malware

Mobile Threat Report for Q1 2013, the monopoly of Android malware

Pierluigi Paganini May 16, 2013

F-Secure published the Mobile Threat Report for Q1 2013 that reveals Malware targeting Android devices is rapidly growing in both the number of variants detected and in their complexity and sophistication.

F-Secure has published the Mobile Threat Report for Q1 2013, an interesting document that the security firm periodically issues giving information on the evolution of cyber threat in the mobile landscape.

As expected Android malware has monopolized the mobile scenario, the number of Android active mobile threat families and variants has skyrocketed in just a quarter from 49 out of 74 known threats to 96 out of 100, Android malicious code represent almost totality of menaces.

Curious the tweet sent by Apple marketing chief Phil Schiller, a rarity,  that remarked the results of the Mobile Threat Report referring the security Android OS.

Mobile Threat Report Tweet

The study reveals that Android accounts in Q1 for 136 out of 149 known threats,  about 91% of overall malware activity registering an increment respect 2012 to 79%.
Mobile Threat Report NewMobileFamilies

Remaining malware reported in the Mobile Threat  Report is related to Symbian OS meanwhile no news from other OSs.  The research reveals that mobile threats are mainly motivated by profits,  76.5 % of malicious code are design with specific intent to monetize the victim’s infection.

Mobile Threat Report Motivations

The report confirmed a concerning trend that I described in the last months thanks to the investigation of Group IB, the cybercriminal black market is specializing its offer in malware that targeted Google’s Android platforms, in particular is increasing the number of “highly specialized suppliers” who “provide commoditized malware services”.

Around the Android world is grown a “commodity malware” business of creating exploit packages sold on the black a market, unlike Apple’s iOS that implements stricter security policy for third party developers.

Mobile Threat Report states that the attackers arranged their attacks exploiting social engineering techniques, fraudsters deceive Android users hijacking them to service, with a job offer or requesting the update of well known components such as Adobe Flash. In this way unsuspecting users explicitly allow the malware to infect their machine, in common scenario the malicious code, once obtained permission from the user, dial toll numbers or install SMS spyware designed to elude banking authentication processes.

F-Secure Mobile Threat  Report also revealed a sensible increase of the number of targeted attacks against Android devices. In March, an Android malware was used against a Tibetan activist and compromising his email account it has been spread to other high profile human rights activists, according the report the next phase for Android malware will be its use against governments.

Mobile Threat Report described various malware malware, one of the most intriguing is

SmSilence,”, a malicious code discovered in South Korea that uses “the guise of ‘coupons’ for a popular coffeehouse chain,”. F-Secure research described with the following statements its way of working:

 “If the so-called coupon app is installed, the malware will check if the phone number has a South Korean country code (+82). If the condition is met, SmSilence will harvest information from the device and forward the details to a server located in Hong Kong.”

Another interesting malware described in the report is Stels, detected in 2012 by F-Secure Mobile Security as Trojan: Android/SmsSpy.K, an Android trojan spread via mail through a classic phishing schema. The fake mail impersonates U.S. Internal Revenue Service-themed mail, the malware uses “an Android crimeware kit to steal sensitive information from the device,” and it is also able to make calls to premium numbers.

Another reason of the vulnerability of the Android platform is that the majority of users never update Google OS and installed application opening the door to various threats, differently Apple designed for iOS a series of  controls that specifically limit apps behavior and data that applications can manage.

Mobile Threat Report provided us with an indication of the main threats that are targeting the mobile universe, the data confirm an increase in terms of occurrences of malware and what worries most is the increase level of sophistication of threats.

It is a must to define new security models to mitigate the threats and at the same time educate users in the proper use of these powerful devices.

Pierluigi Paganini

(Security Affairs – Security)

 


facebook linkedin twitter

Android Apple F-Secure malware mobile Mobile Threat Report phishing spyware targeted attacks

you might also like

Pierluigi Paganini July 12, 2025
McDonald’s job app exposes data of 64 Million applicants
Read more
Pierluigi Paganini July 11, 2025
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    McDonald’s job app exposes data of 64 Million applicants

    Hacking / July 12, 2025

    Athlete or Hacker? Russian basketball player accused in U.S. ransomware case

    Uncategorized / July 11, 2025

    U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog

    Hacking / July 11, 2025

    UK NCA arrested four people over M&S, Co-op cyberattacks

    Cyber Crime / July 10, 2025

    PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda

    Hacking / July 10, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT