What is Mobile Targeted Malware?
Mobile malware is malicious software designed to access private data on devices such as phones and tablets.
Mobile malware is a growing threat. The main reasons for this are transferring some corporate operations to mobile environments and the increase in the value of data stored on mobile devices.
The rest of this article includes the main mobile malware types and 2021 first-quarter mobile malware statistics.
1. Remote Acces Trojans (RATs)
This type of malware is mainly used to gain access to the device and gather information. The purpose of RATs is not to damage the system but to leak data from the system. RAT (Remote Access Trojan) is a type of phishing software that hackers use to gain access to the targeted victim's computer.
2. Banking Trojans
This malware is a type of malware that targets mobile banking applications. This type of malware basically aims to collect mobile banking login information and transfer funds to anonymous accounts. The banking trojan disguises itself as an application or software that users download and install. Once installed, it positions itself to access your banking details.
This malware unrecoverably encrypts all the user's mobile device data and demands payment in cryptocurrencies such as Bitcoin.
This malware aims to infect the device and generate revenue by clicking unwanted advertisements on the device. Adware is a software package that automatically runs, displays, and downloads while the program is in use after its installation on the computer.
Spyware is software that collects data without the user's consent and/or knowledge. Spyware can perform different types of operations that violate the privacy of personal information, such as recording the keys pressed by the user, keeping a record of the web pages viewed, scanning the data on the disk, and monitoring the searches made on the internet. This can result in illegal actions such as stealing people's email and bank passwords or in "personalized advertising" pop-ups and spam. These results are not only annoying but also consume network and system resources, slow down the display speed of web pages, or cause a general slowdown of the device.
Every year, the number of mobile-oriented malware is increasing exponentially. The number of malware variants detected since the 2020 Covid-19 pandemic period has increased by 62% and exceeded 28 million in the first half of 2020. Although there was a decrease in mobile-oriented malware from Q4 2020 to 2021, it showed a decrease of 16,801 compared to the first quarter of 2021.
Mobile-focused attacks, especially launched by APT groups in 2020, continue to increase by 30% in the first quarter of 2021. Various APT groups, especially Iranian Rampant Kitten, have been seen targeting mobile devices for spying on activities and stealing sensitive data.
While Android was the mobile platform with the highest malware rate, accounting for 47.15% of all vulnerable devices (such as Windows, macOS, iOS), iOS remained only around 1%.
AdWare malware constitutes 61.43% of the malware detected in the first quarter of 2021. Vulnerable mobile applications called Riskware, which are frequently used by attackers, rank second with 15.43%. This software is classified as mobile malware because the vulnerabilities detected by the attackers are used to distribute malware to other devices.
Distribution of Detected Mobile Applications by Type
Trojan (trojan horse) type malware took third, fourth, and fifth place with a rate of 12.24%.
Although there are decreases in the first quarter of 2021 compared to the last quarter of 2020, this rate is expected to increase, especially in the third and last quarter of 2021. Therefore, it is recommended that institutions check their personnel devices with Mobile Device Management systems and endpoint device security software, being aware of current threats.