WE ALREADY KNEW that Android was the mobile operating systems most targeted by malware, and that isn't about to change any time soon.
Security firm F-Secure has reported that malicious activity on Android accounted for 97 per cent of all detected mobile threats for 2013.
The figures were revealed in F-Secure's latest Threat Report for the second half of 2013, finding that there were 566 more Android malware variants found last year than during the previous year.
"97 percent of the mobile threats in 2013 were directed at the Android platform, which racked up 804 new families and variants," F-Secure said in its report (pdf). "The other three percent (23) were directed at Symbian. No other platforms had any threats. In contrast, 2012 saw 238 new Android threats."
F-Secure found that the top 10 countries reporting Android threats saw a little over 140,000 Android malware detections, with 42 percent of the reported detections coming from Saudia Arabia and 33 percent from India. European countries accounted for 15 percent of the total and the US just five percent.
F-Secure said that due to Android itself having relatively few vulnerabilities, the main distribution method is still through shady apps downloaded from third-party app stores.
"For mobile platforms, the continued dominance of the Android operating system makes it almost the exclusive target for mobile threats we've seen this period," F-Secure's report explained.
"Though the relatively low number of vulnerabilities found in Android makes the operating system itself difficult to attack, this security is largely circumvented by the relative ease with which malware authors can provide their 'products' and dupe users into installing it on their own devices, with the necessary permissions to straightforwardly use the device (and the user's data) for the attacker's own benefit."
The Android malware families most commonly reported in that period were Ginmaster, Fakeinst and Smssend, which either harvest data from the device or send premium-rate SMS messages.
The F-Secure report also found that web based attacks, which typically involve techniques that redirect the browser to malicious websites, were the most commonly reported type of attack for the period, making up 26 percent of malware detections, followed by the Conficker worm with 20 percent.
"The three most common exploits detected during the period were all Java-related," the report said. "Java exploits, however, declined compared to [the first half of] 2013. Mac malware continues a slight but steady increase, with 51 new families and variants detected in 2013." µ