No security threat found on Windows Phone in Q1 2014

Apr 29, 2014 22:21 GMT  ·  By

The number of threats on mobile devices keeps on growing, and Google’s Android operating system remains the most targeted mobile operating system when it comes to these, a new report coming from F-Secure unveils.

According to the company, 277 new malware families were discovered on mobile devices in the first quarter of the year, with 275 of these threats targeted at Android.

Moreover, the security firm also notes that it discovered only one new threat on iOS, and one on Symbian.

No mention of other mobile platforms out there has been made, which makes Windows Phone, the third largest mobile OS at the moment, the most secure platform when the top three most popular ones are considered.

F-Secure also notes that its Mobile Security product users reported a variety of Trojans during the first quarter of the year. Most of these were designed mainly for silent SMS-sending (most of them came from the Fakeinst and SMS Send families).

What remains to be seen is how the latest iteration of Google’s Android operating system will impact the spread of these Trojans, given the fact that it requires user confirmation when premium-rate SMS messages are sent.

Said report also notes that the first quarter of the year was a prolific timeframe for the development of new mobile malware.

“There was Trojan:Android/Torsm.A, the first one to use TOR to hide its communications with its command and control server,” the aforementioned report unveils.

“The first bootkit, Trojan:Android/Oldboot.A, was reported, as well as a trojan that tries to turn the phone into a silent cryptocurrency miner (Trojan:Android/CoinMiner.A).”

Moreover, F-Secure mentions the Dendroid toolkit, which was discovered as providing a very simple option to come up with new Android Trojans. Apparently, creating new malware for the mobile operating system is as simple as clicking a few buttons, and the toolkit also comes with a lifetime warranty.

The Dendroid toolkit was designed to make the creation of malware an elementary activity, similar to what virus construction kits and exploit kits did for PC-based threats. Basically, anyone could build Android malware, even those without technical skills to do it themselves.

Considering that these were discovered in the first three months of 2014 alone, it remains to be seen what the rest of the year reserves for us. Those of you interested in learning more on F-Secure’s findings can access the full report on the company’s Labs site (the report is available as a PDF file too).