Cybercriminals Give up Targeting iPhones Focusing Entirely on Android

Cybercriminals have all but given up on trying to breach the security of Apple's iPhones, with over 99% of all new mobile malware threats detected in the last three months targeting Android.

The new research from Finnish security firm F-Secure says that it detected 277 new threat families of malware in the first quarter of 2014. Of these, 275 were aimed at the Android operating system with just one targeting iPhone and one for Nokia's defunct Symbian software.

While Android has long been the main target for cybercriminals looking to exploit the boom in smartphone adoption, the percentage of new malware being written for Google's operating system is increasing.

During the same period in 2013, just 91% of all new mobile malware detected was targeting Android, but as more and more people buy Android-based smartphones, it is clear that criminals are following the money and targeting the world's most popular mobile operating system.

Given up on Apple

It is equally clear that the people writing the malware have all but given up trying to breach Apple's strict security measures.

The single iOS malware detected by F-Secure was only written to target jailbroken iPhones, meaning the vast majority of iPhone users continue to be completely safe from mobile malware.

There has yet to be a verified case of malware being found in Apple's App Store, six years after being launched, which led Mikko Hyppönen, chief research officer at F-Secure, to last year call the app store the "the biggest security innovation of the last ten years."

Complex and sophisticated

The malicious Android malware detected by F-Secure during the period, showed a continuing increase in complexity and sophistication - as well as the sheer number of threats out there.

As well as simply seeing more threats, the first quarter was also notable for the type of mobile malware detected.

The quarter saw the discovery of the first Android cryptocurrency miner, which hijacks the device to mine for virtual currencies, such as litecoin.

The first Android bootkit was also discovered, which affects the earliest stages of the device's bootup routine making it extremely difficult to detect and remove.

The first Tor trojan and the first Windows banking trojan hopping over to Android were also discovered.

Direction of malware authors

The discovery of cryptocurrency miners is of particular note.

Trying to mine bitcoin using a smartphone is like trying to mine coal with a toothpick, but the discovery of these pieces of malware shows where cybercriminals are going.

"These developments give us signs as to the direction of malware authors," Hyppönen said. "We'll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies."