Malware targeting Android has a taste for Gingerbread and Ice Cream Sandwich
Mobile devices running Android versions 2.3.6, or 'Gingerbread', and 4.0.4, also known as 'Ice Cream Sandwich', were the most popular Android targets among cybercriminals in the third quarter, according to the latest analysis of Android malware.
The rapid growth in the number of new mobile malicious programmes for Android continued in the third quarter, prompting the specialists at Kaspersky Lab to identify the platform versions most frequently targeted by cybercriminals.
Android 2.3.6 Gingerbread accounted for 28% of all blocked attempts to install malware, while the second most commonly attacked version was the new 4.0.4 Ice Cream Sandwich, which accounted for 22% of attempts.
'Although Gingerbread was released back in September 2011, due to the segmentation of the Android device market it still remains one of the most popular versions, which, in turn, attracts increased interest from cybercriminals,' commented Yuri Namestnikov, senior malware analyst at Kaspersky Lab. 'The popularity of the most recent version of the Android OS – Ice Cream Sandwich – among virus writers can be explained by the fact that the devices running the latest versions of the OS are more suitable for online activities. Unfortunately, users actively surfing the web often end up on malicious sites.'
More than half of all malware detected on users smartphones turned out to be SMS Trojans, malicious programmes that steal money from victims' mobile accounts by sending SMS messages to premium rate numbers. The OpFake family has become the most widespread (38.3% of all the malicious programmes detected for Android) among all the mobile malware families. All the programmes in this family disguise themselves as OperaMini.
A fifth of the malicious programmes detected on user devices are versatile Trojans, most of which belong to the Plangton family. After being installed on a device, these Trojans collect service data on the phone, send it to the command server and wait for the cybercriminals' commands.
Specifically, malicious programmes in this family can stealthily change bookmarks and the home page. The third most widespread malware was the FakeInst family, whose members pretend to be installers for popular programmes (17%). These two types of malware are mostly distributed via so-called alternative app stores created by cybercriminals.