Mobile malware¶

Mobile malware is a generic term for malicious software designed to target mobile devices: smartphones, tablets, and IoT devices. Its goal is typically to gain access to private data, credentials, or the device itself.

Mobile malware was treated as a secondary concern for years, partly because security operations focused on workstations and corporate networks. That gap has narrowed. Banking trojans, spyware, and ransomware for Android are now established categories, not edge cases.

Common types¶

• Advertising click fraud hijacks a device to generate income from fake ad clicks.

• Cryptomining malware covertly uses the device’s processing resources to generate cryptocurrency, often delivered through app squatting.

• Spyware and stalkerware track activity on the infected device: websites visited, contacts, application usage, location, and login credentials. Some variants can activate cameras or intercept SMS.

• Banking trojans disguise themselves as legitimate applications and target users who conduct financial transactions from their phones. They aim to steal login credentials and payment details.

• Ransomware locks the user out of the device or encrypts files and demands payment.

Resources¶

• Malware for iOS (iPhone wiki)

• Android malware apps master list (Phone Arena)