A total of 277 new threat families and variants were discovered, 275 of which targeted Android, one iPhone, and one Symbian. In comparison, the same quarter last year brought 149 new threat families and variants, 91% of which targeted Android.
The first quarter also saw a number of firsts for Android malware. This indicates the mobile threatscape is continuing to develop in sophistication and complexity. The quarter saw the first cryptocurrency miner, which hijacks the device to mine for virtual currencies such as Litecoin.
It saw the first bootkit, which affects the earliest stages of the device’s bootup routine and is extremely difficult to detect and remove. It saw the first Tor trojan and the first Windows banking trojan hopping over to Android.
“These developments give us signs to the direction of malware authors,” said Mikko Hyppönen, chief research officer at F-Secure. “We’ll very likely see more of these in the coming months. For
example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies.”
Great Britain experienced the highest level of mobile malware measured by F-Secure in Q1, with 15-20 malware files blocked per 10,000 users there, or about 1 in 500 users.