Announcement of 24. February 2014

Android malware marker: G Data records almost 1.2 million new malware instances in 2013

German IT security provider publishes Mobile MalwareReport

According to market research by Gartner, over 877 million Android smartphones and tablets were purchased during the past year. The number of new malware programs for Android devices increased in line with this development during the second half of the year, to almost 673,000 instances. The number of new malware programs for the year as a whole reached a new record of 1.2 million. The perpetrators are largely relying on Trojan horses to steal and sell lucrative data. Another eCrime trend was potentially unwanted programs. These are not conventional malware apps, but they can be used to display unwanted advertising and to spy on users. G Data believes that cross-platform attacks will increasingly take place in future, and that digital currencies such as Bitcoin will be targeted by the perpetrators. Alongside this, premium rate SMS message fraud is declining again because of the security mechanisms in newer versions of Android. The G Data Mobile Malware Report is available online.


"We recorded a new negative record for 2013, with 1.2 million Android malware programs. In doing so, the eCrime industry is largely relying on the theft of personal data that can be sold for profit in dedicated markets," explains Eddy Willems, G Data Security Evangelist. And there is no chance of the expert giving the all-clear for this year. "From the perpetrators' perspective, 2014 is the Year of Data Theft, since fraud involving expensive premium rate SMS messages is no longer profitable as a result of the security mechanisms installed in Android 4.2 and higher. This means that cross-platform attacks and digital currencies such as Bitcoin are growing in interest for cyber criminals in the mobile sector."

672,940 new Android malware strains in the second half of 2013

The number of new Android malware instances increased by 30 percent compared to the first half of 2013, and in doing so reached a new record. The criminals also achieved a new negative best in the total number of 1,199,758 new malware apps – this is an increase of 460 percent compared to the whole of 2012.

Trojan horses continue to dominate
Eight out of ten malware apps sorted into malware families are Trojan horses. These are used by criminals with the aim of stealing personal data and making money out of it in dedicated eCrime markets.

Another major problem is potentially unwanted programs (PUPs), which make up more than half of the malware programs counted in the second half of 2013. “PUP” includes applications that are not strictly malicious, but are conspicuous for displaying unwanted advertising and for spying functions. They are often hard to remove too.






Three forecasts for the first half of 2014

  • SMS malware continues to decline: Fraud involving premium rate SMS messages will continue to decline because Android contains a special security mechanism from version 4.2. Criminals will mainly concentrate on stealing personal data instead.
  • Bitcoin and the like targeted: Digital currencies are becoming more and more popular among customers and vendors on the Internet. However, these are based purely on data, which makes the cash easy to steal. G Data believes that cyber thieves will use Android malware to steal information for Bitcoin and other digital currency amounts directly from smartphones and tablets.
  • Cross-platform attacks grow in frequency: Mobile devices are popular for online banking via an mTAN process, to carry out payment transactions securely for example. Criminals will be increasingly focusing on this and using cross-platform malware programs and attacks.

The G Data Mobile Malware Report is available online at:

Announcement of 24. February 2014