Report: Mobile malware has doubled since the beginning of the year

​The proportion of smartphones infected with malicious software has almost doubled this year to 0.49 percent, according to new figures for Europe, North America and the Asia-Pacific.


The proportion of smartphones infected with malicious software has almost doubled this year, according to new figures for Europe, North America and the Asia-Pacific from smartphone maker Nokia.

“As consumers shift to mobile devices to access the internet, social media, e-commerce and banking, so we see cybercriminals shifting their targeting,” Kevin McNamee head of the Nokia Threat Intelligence Lab, told Cyberscoop.

The figures come from a security solution the Finnish company has installed at large telecom providers, and comprises anonymized aggregated data from over 100 million devices.


The smartphone infection rate averaged 0.49 percent in the first half of 2016, compared to an average of 0.25 percent in the second half of 2015. The infection rate peaked at 0.82 percent of smartphones in April.

“The sharp increase in April was due to a significant increase in smartphone infections involving the Kasandra, SMSTracker and UaPush Android Trojans,” the report states. Together, these three pieces of malware — a remote access tool, a spyware program and a piece of malicious adware respectively — accounted for nearly half of all infections.

Adware displays unwanted pop-ups; spyware collects personal data, monitors SMS messages and calls and tracks a phone’s location via GPS; and a remote access infection gives the hacker total control over the device.

Historically, much smartphone crimeware has targeted non-English speaking markets, like the banking Trojan Svpeng in Russia and Ukraine.

McNamee acknowledged that there was some geographical variation in the numbers, “Some areas have higher infection rates,” he said, but the averages “reflect what we’re seeing in Europe and North America.”


However, he said that it was only a matter of time before crimeware infection rates rose, even in the more developed markets.

“They are out there,” he said of the banking crimeware programs — some of which can even bypass two factor authentication techniques, like a one-time passcode sent to the phone, through intercepting SMS messages.

“We haven’t seen a large number of infections yet, but you can see that’s coming,” he said.

In the meantime, criminals are making hay with malware that makes money by downloading unwanted apps, or engaging in click-fraud — when the malware repeatedly mimics the actions of a real user clicking on ads, generating revenue for the network that’s placed them, even though no human eyes are actually seeing the advertised page.

“We’re seeing the malware get more sophisticated,” McNamee said.

Shaun Waterman

Written by Shaun Waterman

Contact the reporter on this story via email, or follow him on Twitter @WatermanReports. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at

Latest Podcasts