Ninety-six percent of all mobile malware is now designed for Android devices. That is one of the key findings in a new quarterly Mobile Threat Report by leading security
firm F-Secure, showing that Android's share has nearly doubled in each of the last three quarters.
As the report notes, Android's leading position as the main malware target is due to its position as the leading mobile platform. Other reports have also cited Android's status as an open-source platform, which can be modified by any carrier or manufacturer in ways that could be less than secure, as well as a lack of stringent monitoring in the app marketplace in Google Play, the online store.
Symbian devices account for only 4 percent of malware, and all other platforms -- iOS, BlackBerry, Windows Mobile and J2ME -- are hovering around zero for the quarter.
Android Up, Symbian Down
One of the most dramatic changes in the report is the huge increase in Android's share of the malware market in the fourth quarter of last year, compared with the previous three. In the first through third quarters, Android's share was in the 46 percent to 49 percent range, while Symbian's veered between 14 percent and 21 percent, and the others barely registered in the 0 percent to 2 percent range.
But in the fourth quarter, Symbian plummeted to 4 percent, largely because of the platform's rapid decline as Nokia transitions to Windows Phone. This is a key reason for Android's jump to 96 percent.
Sean Sullivan, security adviser at F-Secure Labs, said in a statement that, "as old Symbian handsets continue to be replaced by those with other operating systems, especially Android, Symbian malware dies off."
Sullivan suggested that Symbian malware could become extinct this year.
Overall for 2012, malware targeting Symbian dropped to 19 percent, compared with 2011's 29 percent. Android represented 79 percent of all threats for the year, an increase from 66 percent in 2011. Android's rise represents a dramatic shift from 2010, when Symbian took 62 percent of all mobile malware and Android accounted for only 11 percent.
The largest portion of malware in 2012 were Trojans, but Sullivan said that Google's release of Android 4.2 Jellybean at the end of 2012 could change that because the new OS's security prompts when downloading could diminish the effectiveness of Trojans. F-Secure said that in Trojans' place it expects surveillance-related threats to take up the slack.
Additionally, the number of mobile threat families and variants is increasing. In 2011, there were 195, and last year that had increased to 301.
Much of the Android threat is due to one family of malware called Premium SMS, which has 21 variants -- out of 96 total Android threat variants -- that create revenue for its maker by generating and sending premium SMS texts. These kinds of threats sign up a victim for an SMS-based subscription service, in which messages and notifications are continually deleted. The victim is unaware of the subscription until charges appear on the mobile bill.