- The number of malware samples targeting Android increases, warn the experts
- The majority are Trojan horses and banking infostes
- Kaspersky urges users to be careful when downloading apps
Malicious mobile software and other attacks targeting Android users are increasing, said new research.
Kaspersky security researchers argued that people should pay much more attention to the safety of their smartphones than at the moment.
In his report “IT Threat Evolution in T1 2025: Mobile Statistics”, Kaspersky says that the number of samples of malicious software detected has increased by more than a quarter (27%) between the first quarter of 2025 and the fourth quarter 2024, when researchers detected 180,000 malware samples.
Triada and Türkiye
These samples were blocked on more than 12 million smartphones users (up 36% compared to the fourth quarter of 2024), added Kaspersky, stressing that the upward trend of attacked users “continued since the third quarter of 2024”.
Although there are several factors contributing to the growth of malware based on Android, Kaspersky suggests that the most important is the activity in certain families of malware, which operated in certain geographies. The researchers have distinguished the Mamont banking Trojan horse as “in recent months”, stealing banking references, text messages and personal data.
They also mentioned the Triada stolen door, which was installed on scams of popular smartphones brands. They were part of a supply chain attack, as they were installed on new phones, a certain time between the devices leaving the factory and reaching the market.
“Triada can modify the cryptocurrency portfolio addresses during transfer attempts, replace the links in browsers, send arbitrary text messages and intercept the responses and steal connection identification information for messaging and social media applications,” said Kaspersky.
Finally, the researcher said that a number of banking horses were targeting people in Türkiye, including COPER (equipped with rat capacities), BROWBOT, HQWAR and Agent.SM.
“Users may wrongly believe that their smartphones are intrinsically more secure than PCs, but the reality is that mobile malicious software, such as sophisticated Trojan horses that we have explored in recent months, are increasingly active,” said Anton Kivva, team of malveillant software analyst.
“The false idea of default protection stems from allegedly organized application stores and restrictions on the operating system, but social engineering tactics and modern mobile malware, including preinstalled mobile Trojans, use these false titles.”
To stay safe, Kaspersky recommends users that applications for downloading applications in official application stores, but only after checking the application notices and downloading counts. Even when the applications are downloaded, users must check the authorizations they ask and make sure to update the operating system and important applications as soon as the updates are available.
