Security Update: Mobile Malware Up 163% in 2012, 2013 to Be Worse

Security Update: Mobile Malware Up 163% in 2012, 2013 to Be Worse

According to a new security report released today by NQ Mobile Inc. (NYSE: NQ), a leading global provider of mobile Internet services, mobile malware threats increased 163% to more than 65,000 in 2012. The company warns, however, that the problem is becoming more complex as smarter mobile malware can better target connected devices.

Malware Grows and Becomes Smarter

Nearly 95 percent of all mobile malware Discovered in 2012 targeted the Android OS. The top three methods for delivering malware in 2012 were app repackaging 1, malicious URLs 2, and smishing 3. NQ Mobile estimates that these forms of malware helped infect an estimated 32.8 million Android devices in 2012 an increase of over 200 percent from 2011.

In the first quarter of 2013 mobile malware threats continued to grow and have become smarter. In February of this year, a new type of mobile malware was Discovered that could jump from an Android device to infect a PC when they were connected via the USB port. Although only a few Android devices were infected, this attack illustrates the growing need to keep private data secure in an increasingly interconnected device ecosystem.

Mobile Hackers Sell Private Information to Cybercriminals
NQ Mobile Security Labs, a team of over 250 mobile security professionals around the world who proactively monitor the mobile landscape for new malware threats and mobile hacking methods, have been also been observing increased collaboration between mobile hackers and cybercriminals. These unlawful collaborations can have disastrous effects on consumers. Mobile hackers are using malware to capture consumers' private information and then selling this information to cybercriminals who are in turn using social engineering tactics to gain access to the consumers' finances.

"The security industry's 'discover-first-and-inoculate-second' strategy is no longer enough," said Omar Khan, Co-CEO, NQ Mobile. "We need smarter systems that can discover threats before they infect consumers as well as more education so consumers can better spot and avoid these new mobile scams."

Key Findings

  • Over 32.8 million Android devices were infected in 2012 vs. 10.8 million in 2011 an increase of over 200 percent
  • The top five markets for infected mobile devices were China (25.5%), India (19.4%), Russia (17.9%), United States (9.8%) and Saudi Arabia (9.6%)
  • 65% of malware Discovered in 2012 falls into a broader category of Potentially Unwanted Programs (or PUPs). PUPs include root exploits, spyware, pervasive adware and Trojans (surveillance hacks)
  • 28% of mobile malware Discovered in 2012 was designed to collect and profit from a user's personal data
  • 7% of malware was simply designed to make a user's device stop working (i.e., "bricking" their phones)
  • Looking ahead, NQ Mobile estimated that over 10 million devices have already been infected in the first quarter of 2013

Research Methodology
NQ Mobile's 2012 Security Report is based on insights from NQ Mobile's Security Labs, as well as data collected from NQ Mobile's global malware database, scanning engines and its network of hundreds of millions of registered users.

To view a full copy of NQ Mobile's 2012 and 1Q 2013 Mobile Security Reports, including charts and additional information on malware discoveries, please visit NQ Mobile's blog at:

1 App repackaging: Concealing malicious malware in a seemingly legitimate app
2 Malicious URLs: Fake URLs masquerading as legitimate URLs such as, banking websites
3 Smishing: Phishing by way of SMS messages