Since reaching record highs in 2020, the number of mobile malware installers has been gradually declining, new figures from Kaspersky have claimed.
The company's “mobile malware threat landscape in 2022” report (opens in new tab) claims that although 5.6 million detected mobile malware installations were detected in 2020, this number has fallen to 1.6 million in 2022, a drop of roughly 70%.
In previous years, the most distributed malware type was adware. In 2022, however, this was replaced by RiskTool-type potentially unwanted software, which now takes up 27.39% of all mobile malware installations. Adware is now second with 24.05%.
The Chinese under attack
Consumers in China were the most popular targets, the report notes, saying that out of all the victims attacked with mobile malware last year, 17.70% were Chinese, followed by Syrians (15.61%), Iranians (14.53%), and the Yemeni (14.39%). The only European country to make the top ten list was Switzerland, placed eighth (5.44%).
Even though the number of detections overall appears to be in freefall, there’s one subset of mobile malware that’s actually gone up recently - mobile banking Trojans. Kaspersky detected a total of 196,476 installs in 2022, a 100% increase year-on-year, and the highest figure in the past six years.
The biggest variant was Bray (66.4%), whose operators mostly targeted the Japanese. Fakecalls and Bian rounded off the top three with 8.27% and 3.25% respectively.
While in the short-term the numbers have gone up, Kaspersky said that compared to the 2020 highs, the number of detected malware installers actually dropped.
"The cybercriminal activity leveled off in 2022, with attack numbers remaining steady after a decrease in 2021," the report concluded.
"That said, cybercriminals are still working on improving both malware functionality and spread vectors. Malware is increasingly spreading through legitimate channels, such as official marketplaces and ads in popular apps. This is true for both scam apps and dangerous mobile banking malware."
- Check out the best endpoint protection (opens in new tab) services right now