Android devices remain a constant target of attacks over the last quarter thanks in part to new variants from the FakeInst and OpFake families of malware.
There were 5,033 malicious Android application packages (APKs), a 64 percent increase over the 3,063 the firm identified in the first quarter of 2012, according to the latest version of the F-Secure Mobile Threat Report.
Out of the more than 5,000 APKs analyzed, researchers found 19 new families of malware and 21 new variants of previously known families. Much like Q1, when 84 percent of the malware found was a Trojan, 81 percent of the variants found in Q2 were Trojans.
One of those variants, a new version of OpFake, a strain of Android malware that sends SMS texts to premium numbers appeared on radar screens last month fully integrated with a copy of Opera’s Mini browser.
Another SMS Trojan, FakeInst, infects systems in a similar way and, according to F-Secure, appears to be in the same family as OpFake due in part to the way they avoid detection. Over the last few months the malware strains have become harder to detect.
The report also discloses several new methods of infection Android malware has employed over the last several months, including instances where malware ends up triggered by a drive by download and uses Twitter as a bot.