More than fifty thousand android pests

Leaping growing threat to Android platform: 51 unique pests in the third quarter of 447. The iOS plaftorm is also untouched: the Fidall app spam stolen connections stored on your phone. Despite officially stopped Symbian development, attacks on the system are not diminishing: malware growth is 2012 percent and 17 new virus families have appeared.

Finnish F-Secure has released its Mobile Qureat Report for the third quarter of 2012 on key mobile threats and trends across different mobile platforms. The report reports Android dominance in both the number of malware and the pace of new malware, which is only reinforced by the growing market for devices running the Android operating system. A total of 51 unique android pests were registered in the third quarter, which is extraordinary. The iOS mobile operating system, famous for its invulnerability, has not remained untouched either: the Fidall application steals the device's contact list and sends unsolicited messages to the addresses thus extracted. It is also noteworthy that although Nokia no longer deals with Symbian, which is only in “maintenance mode” at all, the malware running on the system is still far from extinct: in the third quarter of 447, 2012 new families of viruses affecting the platform were registered.

In addition to general virus protection for all Android devices, F-Secure Mobile Security includes useful features such as browser protection, blocking unwanted SMS and MMS, or protecting children from unwanted content and controlling their Internet habits.

Android: a rash win in the pest market

In connection with the explosive growth in sales of Android devices, it was expected that mobile threats would be dominated by pests running on the platform: 51 individual pests, 447 new families and newer variations of existing families were registered in the third quarter. The two most common Android threats this quarter were for-profit SMS sending activities and theft of information from an infected device.

The growth is outstanding despite the introduction of Google Bouncer, a security solution for the Google Play Store (formerly Android Market). Google Bouncer scans the Play Store for new and existing applications and developers for malware. Although Google claims this added security feature has shown a 40 percent reduction in the number of malware infections, it has been demonstrated at technology conferences that the protection provided by Bouncer can be circumvented. Apart from this, however, this does not appear to be the root cause of the significantly increased infection. In the third quarter of 2012, the large wave of pests is thought to be more likely to be attributed to the natural consequence of large Android device sales, particularly in China and Russia - the former now the largest smartphone market with an 88 percent share of Android.

Both Blackberries and iOS are at risk

The iOS platform, which will be upgraded to iOS 6 in the third quarter, also includes a total of 197 vulnerability fixes, a significant portion of which can be tied to the webkit browser. Aside from the case of FinSpy, the only notable pest affecting the iOS platform this quarter was Fidall, which also infects Android. The Fidall app sends the contact information on the infected device to a remote server and then sends spam SMSs to specific phone numbers that contain a link to download the app.

A new version of Zitmo (the mobile version of Zeus malware) that attacks Blackberry devices was also identified in the third quarter. However, the purpose of the banking malware has remained the same: to steal the transaction verification number sent to the mobile phone that banks send to their customers to approve online transactions. The Zitmo malware extracts the given number sequence from the SMS and forwards it to a remote server so that criminals can initiate approved transfers via SMS.

In addition to Zitmo, another noteworthy discovery in the third quarter is the FinSpy Trojan, which also affects Blackberries and runs on Android, Symbian, iOS and Windows Mobile operating systems. FinSpy takes screenshots of the infected device, notes keystrokes on real or virtual keyboards, influences Skpye communication, tracks device status, and monitors SMS and voice calls.

Symbian: stopped development, unbroken attacks

Although mobile threats are still dominated by malware written for Android, malware attacking the Symbian platform is also far from extinct - this is especially true in developing countries, where the proportion of devices using the system is significantly higher. In the third quarter of 2012, 21 new virus families and variants were discovered, an increase of 17 percent compared to the second quarter. A typical Symbian malware is a Trojan that disguises itself as a system update or a legitimate program.

Most Symbian malware comes from China and is usually made for profit. Most of them (such as Fakepatch.A and Foliur.A) register the owner of the device with messages sent to SMS sending activities, typically sent to premium rate numbers, or similar premium services. Moreover, malware belonging to the PlugGamer.A family, for example, entertains the user with simple, browser-based games while using premium services in the background.