NEWS FROM THE LAB - Tuesday, April 29, 2014

Q1 2014 Mobile Threat Report Posted by Alia @ 08:46 GMT

Our Mobile Threat Report for Q1 2014 is out! Here's a couple of the things we cover in it:

The vast majority of the new threats found was on Android (no surprise there), which accounted for 275 out of 277 new families we saw in this period, leaving 1 new malware apiece on iOS and Symbian.

In Q1, our Mobile Security product users mostly reported encountering trojans that did some form of silent SMS-sending (mainly from the Fakeinst and SMSSend families). It should be interesting to see how the 4.2 update to the Android OS (which requires user confirmation when premium-rate SMSes are sent) impacts these trojans.

This was an active quarter for mobile malware development, with a number of "firsts" reported. There was Trojan:Android/Torsm.A, the first one to use Tor to hide its communications with its command and control server. The first bootkit, Trojan:Android/Oldboot.A, was reported, as well as a trojan that tries to turn the phone into a silent cryptocurrency miner (Trojan:Android/CoinMiner.A).

Then there is the Dendroid toolkit, which promises to make creating Android trojans as simple as clicking a few buttons - and apparently comes with a lifetime warranty too. Much like virus construction kits and exploit kits did before for PC-based threats, Dendroid would make malware creation much more accessible to anyone without the technical skills to do it themselves.

And this is all just in the first three months of 2014.

More details are in the Mobile Threat Report, which is available on the Labs site, or by clicking on the images below. There's two versions of it available:

   •  For web (PDF):


   •  And a printer-friendly version (PDF):