In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: "Trends for 2013: astounding growth of mobile malware" (PDF).
As our regular readers know, near the end of the year the research teams at ESET discuss the malware and cybercrime trends they think will be important in the next 12 months. The Latin America team first took the step of publishing the results of that discussion in a paper seven years ago. Three years ago it was decided to share that information in English here on ESET's worldwide blog. Among the predictions that can be found in the document we publish today is that malware for smartphones will once again experience rapid growth in 2013.
In reaching this conclusion, we analyzed what has happened with malware for mobile platforms over the last 12 months, seeing that its growth has been even greater than we had imagined at the end of 2011. In the paper you can find more detailed information about that growth together with analysis of data we have collected. Although the number of different families for malware for Android has not increased much, if we look at the number of variants, we do see serious growth. A variant is a modified version of a specific and known malicious program. Cybercriminals modify the structure and the code of an existing threat to create a new one with the aim of adding new malicious functions and evading detection by antivirus programs. The graphic below shows four leading malware families for Android and the number of variants that appeared in 2011 and 2012:
As you can see, the increase in variants within some families of Android malware is very dramatic. This drove the annual growth rate in detections of Android malware in 2012 as to 78X in Ukraine, 65X in Russia, and 48X in Iran.
So what does this malware do to smartphones? Basically we can divide the threats into three groups: information theft; botnets; and SMS Trojans. Our reseasrch indicates that SMS Trojans represent 40% of all Android malware at the monent. After infecting the phone, SMS Trojans start sending messages to premium SMS numbers that have an additional cost to the user, which is, of course, profit for the attacker. Although they have been more popular in Eastern Europe, in recent years SMS Trojans have been expanding throughout the world, like the Android/Boxer variant affecting 63 countries in the world, about which we published a white paper a few days ago.
In the paper we publish today you will also find information about additional trends that will be important in the next year, such as the spread of malware via infected websites, among others. Feel free to download and share: "Trends for 2013: astounding growth of mobile malware." We hope you find it helpful in planning your strategy for a safe and secure 2013.
Sebastian Bortnik
Educction & Research Manager for ESET Latin America