Mobile Malware

Mobile malware refers to types of security threats that affect mobile devices. It does not matter whether you have an Android or an Apple device; both can be susceptible to potential security risks. The rise of mobile malware is associated with the global growth of smartphone users. Mobile devices make it a lot easier to access corporate networks as opposed to landlines, and so, they become indispensable in everyone’s daily life. However, when something becomes so popular, it is inevitable that there will be parties trying to exploit it, too.

Mobile Device Vulnerabilities

Mobile malware cannot boast of the same numbers and the all-encompassing scope as computer malware, but it, more or less, follows the same patterns. First, it will try to exploit critical mobile software vulnerabilities, and a whopping 95% of Android devices could be hacked with a text message alone.

What’s more, although Apple devices are thought to be safer on average, they are not impervious to such attacks. Apple devices can get attacked by mobile malware through the official app store. Apple has vaunted protection, but malicious apps that target Apple devices are programmed in a way that they can be difficult to detect, and they might also come aboard piggybacking on legitimate apps. Thus, anyone should be aware that by owning a mobile device, they could always be exposed to a variety of security risks.

Mobile Malware Types

Just like we have a whole list of the most prominent types of PC malware, there are also groups of popular types of mobile malware. The most common ones are as follow:

  • Mobile Banking Malware. If you can run your business via your mobile device, cybercriminals will look for ways to intercept the sensitive information you sent back and forth. Mobile banking malware is mostly trojans that get distributed through corrupted installation packages. Users often install these packages willingly when they think they install some legitimate app. The moment this threat is installed, it can collect banking logins and password information, thus seriously impeding the victim’s financial security.
  • Ransomware. The category is rather self-explanatory. The key features of mobile ransomware are the same as that of PC ransomware. So, the main point of this infection is to hold the data on the affected device hostage, coercing the victim into paying the ransom. Mobile ransomware programs are also essentially trojan infections.
  • MMS & SMS Malware. SMS and MMS messages are often exploited to deliver mobile malware. MMS malware could exploit vulnerabilities that do not get patched immediately to send messages with a malicious payload as the MMS attachment. Needless to say, such glaringly obvious vulnerabilities get patched soon, but the potential of malicious exploitation is always there. SMS malware reaches users in the shape of text messages that usually have an outgoing link. The outgoing links could be part of a mobile banking malware distribution plan, a phishing scam, or any other scheme that has been devised to swindle the unsuspecting victims out of their money.
  • Adware. Adware can equally affect mobile and desktop devices. Some adware types can even force the affected device to download more types of adware apps that would eventually allow the attackers to steal personal information. In order to avoid mobile adware, users are urged to steer clear of unfamiliar websites and avoid interacting with pop-ups that seemingly try to hog their screen.

Mobile Malware Trends

The trends in the mobile malware world rely heavily on current global affairs. The main mode of transport for mobile malware is the type of applications that might be in demand. Hence, the latest shift in mobile malware trends came in 2020 with the global COVID-19 pandemic. The major shift in the daily lives of billions gave cybercriminals new opportunities to cast their malware net.

In 2020, mobile trojans still remained one of the biggest mobile security threats, and they were mostly hiding behind all sorts of software packages with the name “covid” in them. For example, a supposed Coronavirus Finder app tricked users into sharing their bank details because they supposedly had to pay a small fee for the service.

All in all, in 2020, more than 5.6 million malicious installation packages were detected, along with 156,710 new mobile banking Trojans and 20,708 new mobile ransomware Trojans. These types of mobile ransomware remain the most prominent threats. And while the number of attacks against mobile users experienced steady growth in 2020, looking at a broader perspective, we can see that the overall number remained more or less the same over the last few years.

Mobile Malware Rates Chart – Source: Kaspersky

It does not mean, however, that the market for mobile malware is shrinking. As mentioned, mobile malware distribution is rather opportunistic, and it depends heavily on what is going on in the world. The drop of infections in the graph may correspond to a rather calm period in the global events.

Mobile Malware Mitigation

Ways to secure mobile devices are very similar to the methods employed by desktop users to avoid malware, too. One of the most important things is to use a secure Wi-Fi connection. If you have to transfer important data or access a sensitive data system, make sure that you are not connected to public Wi-Fi. It is better to use your data in such a case.

To avoid phishing scams and mobile Trojans, you should also be careful about the emails you receive. If it comes from someone you do not know, and it has an attached file or an outgoing link, there is a good chance that it could be a malware scam. Delete such an email immediately.

Downloading apps from reliable sources is of utmost importance, too. If some app is not available in your region, it is best to forfeit that program altogether instead of looking for third-party sources because third-party software packages could easily be exploited for mobile malware distribution.

It is also strongly recommended to avoid rooting your device. Rooting may give you more access to your device’s system, but it also opens the door for various malicious exploitations. Not to mention that you could lose your right to automatic security updates and vulnerability patches if you root your smartphone (or a tablet).

Although we do not offer mobile security products at the moment, we strongly recommend investing in a powerful anti-malware application that enhances your mobile device’s performance and makes sure that it stays protected against a number of malicious threats.

Most Trending Mobile Malware in the Last 2 Weeks

# Threat Name Severity Level Alias(es) Detections
1. AxBanker Mobile Malware
2. Tremendous Botnet
3. CraxsRAT Mobile Malware
4. Sandro Rat
5. Revive Banking Trojan
6. MoqHao Malware
7. Hermit Mobile Malware
8. MMRat Mobile Malware
9. SharkBot Android Trojan
10. Predator Mobile Malware
11. BRATA Malware
12. Chinotto Spyware
13. 'Ads Blocker' Mobile Malware
14. BrazKing Android Malware
15. ERMAC Android Banking Trojan
16. Triangulation Mobile Malware
17. BadBazaar
18. ERMAC 2.0
19. Nexus Banking Trojan
20. Exobot Android Malware
21. Nexus Android Trojan
22. Xenomorph Android Malware
23. FastViewer
24. Zombinder Malware Platform
25. SmsSpy Malware
26. MalRhino Android Banking Trojan
27. TianySpy Malware
28. Chameleon Mobile Malware
29. Dracarys Mobile Malware
30. Cypher RAT

Last updated: 2023-09-29