The number of malicious programs targeting mobile devices has more than doubled between August 2009 and December 2010, with 65% more threats targeting mobile devices detected in 2010 that during the previous year.
Kaspersky Labs data also shows more than 1 000 variants from 153 different families of threats were launched against mobile devices last year.
Denis Maslennikov, a senior malware analyst at Kaspersky Lab and author of Mobile Malware Evolution, comments: “The list of platforms targeted by malicious programs expanded considerably in 2010.”
The growing popularity of the Android platform has inevitably drawn the cybercriminals attention: in August 2010, the first malicious program targeting Android was detected, and since then, that number has reached 15 programs from a total of seven families.
The first threats targeting Apple's iPhone OS also appeared during this last reporting period, but infected only devices that had been jail broken in order to install third-party games and other software not manufactured by Apple.
Most mobile threats continue to target the Java 2 Micro Edition (J2ME) platform, which is supported by a huge number of mobile devices. That means it is not only smartphones that are at risk of infection, but basic mobile phones as well. The second most-targeted platform is Symbian, with Python in third place.
“The use of SMS Trojans is still the easiest and most effective means by which malicious users can earn money," says Maslennikov. "The reason is relatively simple: any mobile device, be it a smartphone or a basic mobile phone, has a direct connection to its owner’s money via their mobile account. It is this ‘direct connection’ that cybercriminals actively exploit."
From 2010 onwards, sending fee-based text messages ceased to be the sole illegal money-making scheme for virus writers developing threats targeting different platforms. Other unlawful schemes such as redirecting mobile Internet banking users to phishing sites and stealing passwords sent by banks to mobile phones were also used. Mobile threats have become more complex than ever and include the emergence of mobile bots and other remotely-controlled software.
Maslennikov says these trends indicate that the attacks launched by mobile threats have reached a completely new level.
Kaspersky Lab predicts an increase in the number of vulnerabilities found on mobile platforms, as well as an increase in the number of threats for Android and the continued use of short numbers by cybercriminals.