By late 2012, the number of mobile threats targeting the Android platform accounted for 94 percent, up from 65 percent a year ago, according to a new report from Kaspersky Labs.

At the same time, 99 percent of all mobile malware detections in 2012 were threats targeting Android devices. For the next two years at least, Kaspersky Labs predicts that mobile malware will predominantly target Android devices.

?2012 was a very interesting year where we saw mobile threats skyrocket at an alarming rate,? said Ryan Naraine, Security Evangelist, Kaspersky Lab, Woburn, MA. ?We also see a dramatic shift as cyber-criminals focused resources on targeting the Android mobile operating system.

?This is a significant indicator of a perfect storm: growth in Android market share, vulnerabilities and weaknesses in the platform, the open nature of Android and the ease in which malicious threats can be loaded into the Android app store,? he said. ?This is a cybercriminal's dream.

?The report also confirmed that mobile threats have gone international. Today, cybercriminals are no longer focusing most of their efforts on mobile device users in Eastern Europe or China. Major incidents causing no small amount of damage took place in a wide range of countries.?

Focus broadens
Other key findings include that over the course of 2012, Kaspersky Lab recorded 43,600 new samples of Android malware and 46,415 new samples of mobile malware overall.

Another key finding is that cybercriminals continue to expand their focus beyond Russia and China. In 2011, SMS Trojans targeting users in Europe and North America emerged while in 2012, Kaspersky Lab detected full-fledged affiliate programs used to spread SMS Trojans in other regions.

Android is the focus of virus writers because it is the most common operating system for mobile devices.

The most frequently detected threats on Android can be broken down into three main groups: SMS Trojans, adware and exploits to gain root access.

Fixing the problem
SMS Trojans are the most prevalent threat and account for 32.3 percent of all threats. This type of malicious program primarily targets users in Russia as cybercriminals look to generate cash by having users send costly text messages from infected devices with their consent.

The second group of threats in made up of Plangton and Hamob adware. Plangton is often found in free apps and displays ads but its other function is to change the browser start page without notifying the user. Hamob adware is portrayed as a useful app but all it actually does is display advertising.

The third group consists of various modifications of Lotoor to gain root access on smartphones running on different versions of Android.

Several new threats were used in targeted attacks in 2012, such as attacks using ZitMo and SpitMo that were designed to intercept text messages from online banking services containing transaction authorization numbers. This type of threat appeared on BlackBerry, as well as Android devices.

To fix its malware problem, Google should take responsibility for releasing security updates to all Android users instead of carriers, per Mr. Naraine. This is how updates are handled by Apple to make sure its iOS is secure.

Google should also add special detection mechanisms to police it marketplace to detect repackaged apps.

?The Android platform has a huge problem that is difficult to fix - the issue of getting security patches/updates released in a timely manner for end users,? Mr. Naraine said.

?Today, even though Google is responsive and ships security fixes in a timely manner, the telco carriers are the ones responsible for releasing the updates and they are typically 18-months behind,? he said.

?This means that millions of end users are sitting ducks for malware attacks targeting known security vulnerabilities.?

Final Take
Chantal Tode is associate editor on Mobile Marketer, New York