Kaspersky Internet Security Center

Android Mobile Security Threats

Android Malware Threats 2012 Infographic

Like PCs and Macs, mobile devices are vulnerable to various security threats. In fact, according to a survey conducted by Kaspersky Lab and Interpol between August 2013 and July 2014, one out of five Android devices protected by Kaspersky Lab products was attacked by malware at least once during the reporting period. Cybercriminals have increasingly targeted Android-based and other mobile devices with new threats as they have grown exponentially in popularity in recent years, including SMS Trojans and exploits to gain root access to the mobile device. Specifically, these threats can be divided into several categories:

  • Web-based threats
  • Application-based threats

Web-based threats pose a ceaseless threat to smartphone and mobile devices due to the fact that they’re constantly connected to the Internet. A few major threats to mobile devices include the following:

  • Browser exploits that take advantages of possible vulnerabilities in a mobile device. Users that unwittingly visit harmful websites run the risk of infecting their devices with malware and other web threats from these sites.
  • Phishing scams that target mobile devices, much like they do PCs and Macs. Phishing scams involve using texts, emails and social media to trick users into providing sensitive data such as account information, passwords and the like.

Application-based threats, also known as “malicious apps,” involve using apps to commit various forms of cybercrime. They involve tricking users into downloading apps that may appear to be fine, but are actually malicious in nature and designed to conduct illicit activities. A few forms of application-based threats may include the following:

  • Malware threats that are designed with numerous cybercriminal purposes in mind, including taking control over smartphones and mobile devices, spamming texts, making false charges to a phone bill and the like.
  • Adware that automatically creates advertisements in order to generate a revenue stream for its creator. It can also be used to collect marketing information without the user’s consent and redirect search requests to advertising sites.

Android devices are ‘under attack’

Throughout 2012, 99% of all mobile malware detected by Kaspersky Lab was designed to target the Android platform. During the year, Kaspersky’s Internet security experts identified more than 35,000 malicious Android programs.

The reasons for the huge growth in Android malware are:

  • The Android platform has become the most widespread operating system (OS) for new smartphones – it has over 70% market share.
  • The open nature of the Android OS, the ease with which apps can be created, and the wide variety of (unofficial) application markets all have an influence on security.

What types of threats are affecting Android devices?

The most widespread malicious objects detected on Android smartphones can be divided into three main groups:

Malware has been found in app stores. During 2012, Kaspersky detected malicious programs in Google Play, the Amazon app store, and other third-party app stores.

Online banking security risks for Android users

European and American banks and e-pay systems offer a variety of ways to protect users’ transactions – including authentication using e-tokens, one-time passwords, confirmation of transactions through codes sent to the phone, and more.

However, cybercriminals are developing programs that bypass these measures. For example, the Zitmo family of programs is designed to attack a user’s mobile phone and can bypass the two-factor authentication systems used by European banks. These mobile malicious programs work in tandem with Zbot (ZeuS):

  • First Zbot steals the username and password – to enter the online banking system from the infected computer.
  • Then, during a money transfer, Zitmo – Zbot’s mobile counterpart – takes over and forwards the transaction authorization code (TAN) to the cybercriminals.