Android remained the top target for mobile malware in 2012, with 95% of all infections discovered on the platform, NQ Mobile said in a statement on Monday.
According to NQ, the number of malware attacks on Google’s mobile platform more than doubled in the period from 2011 to 2012. Over 32.8 million Android devices were infected last year, versus 10.8 million in 2011, according to the company’s estimates – a rise of more than 200%.
The company said the fragmented nature of Google’s mobile platform makes it a continued malware risk, with more than 39% of Android users who are running Gingerbread missing out on major security updates distributed by the more recent Ice Cream Sandwich and Jelly Bean versions.
NQ’s Security Labs discovered the findings using existing data from its global malware database of 283 million mobile users, in addition to scanning the mobile landscape for new threats and hacking methods.
According to NQ, there were increased collaborations between mobile hackers and cyber criminals that resulted in “disastrous effects”.
“Mobile hackers are using malware to capture consumers’ private information and then selling this information to cybercriminals who are in turn using social engineering tactics to gain access to the consumers’ finances,” NQ said in the statement.
Of the mobile malware discovered last year, 28% was designed to collect and profit from a user’s personal data, it said, while 7% aimed to stop the device from functioning.
NQ said the top three methods for delivering malware in 2012 were: app repackaging (concealing malicious malware in a seemingly legitimate app), malicious URLs (fake URLs masquerading as legitimate URLs such as banking websites) and Smishing (phishing by the way of SMS messages).
A quarter of infected mobile devices were in China, followed by India (19.4%), Russia (17.9%), the US (9.8%) and Saudi Arabia (9.6%).
“The security industry’s ‘discover-first-and-inoculate-second’ strategy is no longer enough,” said Omar Khan, co-CEO at NQ Mobile. “We need smarter systems that can discover threats before they infect consumers, as well as more education so consumers can better spot and avoid these new mobile scams.”