As with traditional computing platforms, there are mobile malware versions of backdoors, trojans, and worms. Backdoors are programs that provide unauthorized remote access to the mobile device. Trojans are programs that purport to be one thing but additionally perform other functions, such as stealing data, interfering with user control of the device, or using device resources without the user’s knowledge. Trojans are often subdivided into the type of action they perform: trojan dropper, trojan spy, trojan downloader, and so on. Worms are programs that replicate themselves, creating similar or exact copies to connected devices or removable storage media.

RiskTool and Adware currently top the list when it comes to mobile threat detections. RiskTool capabilities include file concealment, hiding the windows of a running application and the ability to terminate applications/processes, and while the actual threat Adware seems low, due to the nature of their hooks into running applications, there is the potential for them to be misused by attackers. ¹

The bulk of malware is still attributed to various types of Trojans, with subcategories for their particular behavior: Trojan-Dropper, Trojan-SMS, Trojan-Spy, etc. ¹

SMS trojans send SMS text messages to premium text messaging services without the user’s knowledge or consent, racking up large bills for the user. Fake install apps are malicious programs that mimic the activities of legitimate apps but require users to pay attackers via premium SMS charges. Trojan spy apps capture and transfer user data to attackers without the user’s knowledge.²

References:

[1] https://for585.com/kasperskyreport

[2] https://for585.com/rp6l9 (Security Intelligence Article on mobile malware)