Mobile Malware

Mobile malware refers to types of security threats that affect mobile devices. It does not matter whether you have an Android or an Apple device; both can be susceptible to potential security risks. The rise of mobile malware is associated with the global growth of smartphone users. Mobile devices make it a lot easier to access corporate networks as opposed to landlines, and so, they become indispensable in everyone’s daily life. However, when something becomes so popular, it is inevitable that there will be parties trying to exploit it, too.

Mobile Device Vulnerabilities

Mobile malware cannot boast of the same numbers and the all-encompassing scope as computer malware, but it, more or less, follows the same patterns. First, it will try to exploit critical mobile software vulnerabilities, and a whopping 95% of Android devices could be hacked with a text message alone.

What’s more, although Apple devices are thought to be safer on average, they are not impervious to such attacks. Apple devices can get attacked by mobile malware through the official app store. Apple has vaunted protection, but malicious apps that target Apple devices are programmed in a way that they can be difficult to detect, and they might also come aboard piggybacking on legitimate apps. Thus, anyone should be aware that by owning a mobile device, they could always be exposed to a variety of security risks.

Mobile Malware Types

Just like we have a whole list of the most prominent types of PC malware, there are also groups of popular types of mobile malware. The most common ones are as follow:

  • Mobile Banking Malware. If you can run your business via your mobile device, cybercriminals will look for ways to intercept the sensitive information you sent back and forth. Mobile banking malware is mostly trojans that get distributed through corrupted installation packages. Users often install these packages willingly when they think they install some legitimate app. The moment this threat is installed, it can collect banking logins and password information, thus seriously impeding the victim’s financial security.
  • Ransomware. The category is rather self-explanatory. The key features of mobile ransomware are the same as that of PC ransomware. So, the main point of this infection is to hold the data on the affected device hostage, coercing the victim into paying the ransom. Mobile ransomware programs are also essentially trojan infections.
  • MMS & SMS Malware. SMS and MMS messages are often exploited to deliver mobile malware. MMS malware could exploit vulnerabilities that do not get patched immediately to send messages with a malicious payload as the MMS attachment. Needless to say, such glaringly obvious vulnerabilities get patched soon, but the potential of malicious exploitation is always there. SMS malware reaches users in the shape of text messages that usually have an outgoing link. The outgoing links could be part of a mobile banking malware distribution plan, a phishing scam, or any other scheme that has been devised to swindle the unsuspecting victims out of their money.
  • Adware. Adware can equally affect mobile and desktop devices. Some adware types can even force the affected device to download more types of adware apps that would eventually allow the attackers to steal personal information. In order to avoid mobile adware, users are urged to steer clear of unfamiliar websites and avoid interacting with pop-ups that seemingly try to hog their screen.

Mobile Malware Trends

The trends in the mobile malware world rely heavily on current global affairs. The main mode of transport for mobile malware is the type of applications that might be in demand. Hence, the latest shift in mobile malware trends came in 2020 with the global COVID-19 pandemic. The major shift in the daily lives of billions gave cybercriminals new opportunities to cast their malware net.

In 2020, mobile trojans still remained one of the biggest mobile security threats, and they were mostly hiding behind all sorts of software packages with the name “covid” in them. For example, a supposed Coronavirus Finder app tricked users into sharing their bank details because they supposedly had to pay a small fee for the service.

All in all, in 2020, more than 5.6 million malicious installation packages were detected, along with 156,710 new mobile banking Trojans and 20,708 new mobile ransomware Trojans. These types of mobile ransomware remain the most prominent threats. And while the number of attacks against mobile users experienced steady growth in 2020, looking at a broader perspective, we can see that the overall number remained more or less the same over the last few years.

Mobile Malware Rates Chart – Source: Kaspersky

It does not mean, however, that the market for mobile malware is shrinking. As mentioned, mobile malware distribution is rather opportunistic, and it depends heavily on what is going on in the world. The drop of infections in the graph may correspond to a rather calm period in the global events.

Mobile Malware Mitigation

Ways to secure mobile devices are very similar to the methods employed by desktop users to avoid malware, too. One of the most important things is to use a secure Wi-Fi connection. If you have to transfer important data or access a sensitive data system, make sure that you are not connected to public Wi-Fi. It is better to use your data in such a case.

To avoid phishing scams and mobile Trojans, you should also be careful about the emails you receive. If it comes from someone you do not know, and it has an attached file or an outgoing link, there is a good chance that it could be a malware scam. Delete such an email immediately.

Downloading apps from reliable sources is of utmost importance, too. If some app is not available in your region, it is best to forfeit that program altogether instead of looking for third-party sources because third-party software packages could easily be exploited for mobile malware distribution.

It is also strongly recommended to avoid rooting your device. Rooting may give you more access to your device’s system, but it also opens the door for various malicious exploitations. Not to mention that you could lose your right to automatic security updates and vulnerability patches if you root your smartphone (or a tablet).

Although we do not offer mobile security products at the moment, we strongly recommend investing in a powerful anti-malware application that enhances your mobile device’s performance and makes sure that it stays protected against a number of malicious threats.

Most Trending Mobile Malware in the Last 2 Weeks

# Threat Name Severity Level Alias(es) Detections
1. Drinik Android Banking Trojan
2. PINEFLOWER Mobile Malware
3. Revive Banking Trojan
4. FlexStarling Mobile Malware
5. XploitSpy Mobile Malware
6. 'FakeCalls' Mobile Malware
7. Brokewell Mobile Malware
8. 'Calendar' Virus
9. Nexus Banking Trojan
10. SoumniBot Mobile Malware
11. TianySpy Malware
12. DawDropper Mobile Malware
13. AbstractEmu Malware
14. SandStrike
15. WhatsApp Pink Malware
16. Octo Banking Trojan
17. Gigabud Mobile Malware
18. Xenomorph Android Malware
19. Tremendous Botnet
20. ERMAC Android Banking Trojan
21. GoldDigger Banking Trojan
22. AIVARAT Mobile Malware
23. 'Ads Blocker' Mobile Malware
24. DogeRAT Malware
25. Zanubis Banking Trojan
26. SmsSpy Malware
27. Hook Mobile Malware
28. MoqHao Malware
29. SecuriDropper Mobile Malware
30. AxBanker Mobile Malware

Last updated: 2024-05-21