F-Secure Lab’s new Mobile Threat Report Q4 2012, out today, details an abrupt drop in Symbian malware threats from previous quarters, while Android malware continues its upward trend.
In what may be the only good news for Symbian, F-Secure’s latest Mobile Threat Report shows a drop in malware targeting the declining platform to just four percent of all mobile threats detected in the fourth quarter of 2012, down from an average of 26 percent in the first three quarters. Malware targeting Symbian was down to 19 percent of all mobile malware for the year 2012, down from 29 percent in2011.
301 total new threat families and variantswere detected in 2012. Android malware continued to gain in its share, responsible for 79 percent of all threats for the year, up from 66 percent in 2011. The numbers are starkly reversed from 2010, when Symbian malware accounted for 62 percent of threats and Android just 11 percent.
“Malware in general has a parasitic relationship with its host,” says Sean Sullivan, Security Advisor at F-Secure Labs. “As old Symbian handsets continue to be replaced by those with other operating systems, especially Android, Symbian malware dies off and will probably go extinct in 2013. May it rest in peace.”
66 percent of mobile malware detections in2012 were trojans, a number Sullivan expects to drop in the coming year with Google’s release of Android 4.2 Jellybean late last year. The extra security promptswhen downloading in 4.2 should help deflect trojans, and as spying and monitoring tools increasingly become part of the mix, surveillance-related threats will account for a greater portion, he says.
A large share of the Android threats found in Q4 were malware that generate profit through fraudulent SMS practices. 21 of the 96 Android threat variants found were contributed by Premium SMS, a malware family that sends out messages to premium rate numbers. Many more Android threats employ similar tactics, some signing up the victim to an SMS-based subscription service. Messages or notifications from these numbers and services are deleted, keeping the user unaware until charges appear on their bills.