According to the new F-Secure Mobile Threat Report for July-September 2013, it was discovered that 259 new mobile threat families and variants of existing families were identified by F-Secure Labs in the third quarter of 2013. 252 of these were Android and seven Symbian. This is an increase from the 205 threat families and variants found in the second quarter.
In another step in the march towards Android malware commoditisation, reports surfaced in July of a new toolkit, Androrat APK binder, which simplifies the process of inserting malicious code into legitimate Android apps. And in a sign that complexity of Android malware is increasing, one in five mobile threats are now bots, says the report.
Thanks to security measures in place in the Google Play store, fewer malware threats are appearing there. Instead, the growing concern in Google Play is with apps that infringe on privacy by overcollection of data.
“People understand there’s something questionable about giving their information to big data, yet they give a lot of the same information to questionable apps all the time,” says Sean Sullivan, Security Advisor at F-Secure Labs. “At least with companies like Google, there is some accountability and some established privacy practices. For example, if you delete your Gmail account, Google will delete your data. But with these little apps, you have no idea what they’re doing with your data. And do you know what they’re doing? They’re selling it to marketing networks.”