F-Secure Releases First Quarter Mobile Threat Report

Nearly all new mobile threats in Q1 2014 targeted Android users, and cybercriminals continued to innovate with a list of first-ever threats on the platform

April 30, 2014

3 Min Read


SAN JOSE, Calif. – April 29, 2014 – More than 99 percent of new mobile threats discovered by F-Secure Labs in the first quarter of 2014 targeted Android users, according to F-Secure’s new Mobile Threat Report. Two hundred seventy-seven new threat families and variants were discovered, all but two targeted Android – of the two that didn’t, one targeted the iPhone, and one targeted Symbian. In comparison, the same quarter last year brought 149 new threat families and variants, of which 91 percent targeted Android.

The first quarter also saw a number of firsts for Android malware. This indicates the mobile threatscape is continuing to develop in sophistication and complexity. The quarter saw the first cryptocurrency miner, which hijacks the device to mine for virtual currencies such as Litecoin. It saw the first bootkit, which affects the earliest stages of the device’s bootup routine and is extremely difficult to detect and remove. It saw the first Tor trojan and the first Windows banking trojan hopping over to Android.

“These developments give us signs to the direction of malware authors,” said Mikko Hyppönen, Chief Research Officer at F-Secure. “We’ll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.”

Great Britain experienced the highest level of mobile malware measured by F-Secure in Q1, with 15-20 malware files blocked per 10,000 users there, or about one in 500 users. The U.S., India and Germany all had five to 10 malware blocked for every 10,000 users. And in Saudi Arabia and the Netherlands, two to five malware were blocked per 10,000 users.

Devious intentions

What do mobile threats do once they’ve infected a device? The report finds that 83 percent of mobile trojans send SMS messages to premium numbers or SMS-based subscription services – by far the most common malicious activity.

Here are the most common malicious activities that mobile trojans engage in:

·      Sending SMS messages to premium-rate numbers

·      Downloading or installing unsolicited files or apps onto the device

·      Silently tracking device location or audio or video to monitor the user

·      Pretending to be a mobile AV solution but actually having no useful functionality

·      Silently connecting to websites in order to inflate the site’s visit counters

·      Silently monitoring and diverting banking-related SMS messages for fraud

·      Stealing personal data like files, contacts, photos and other private details

·      Charging a ‘fee’ for use, update or installation of a legitimate and usually free app

For more details on iPhone and Symbian, what you can do to protect yourself from threats and more, see the Mobile Threat Report Q1 2014.

For the best Android security for online banking and browsing, with parental controls, app scanning, antitheft and more, try F-Secure Mobile Security free for 30 days. Also available in Google Play.

F-Secure – Switch on freedom

F-Secure is an online security and privacy company from Finland. We offer millions of people around the globe the power to surf invisibly and store and share stuff, safe from online threats. We are here to fight for digital freedom. Join the movement and switch on freedom.

Founded in 1988, F-Secure is listed on NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | facebook.com/f-secure


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights