While PC ransomware like WannaCry made the news, viruses are all too common on smartphones. Nokia’s Threat Intelligence report shows that the majority of infected devices that connect to mobile networks were indeed Android phones.
Still, Nokia praises Google’s efforts with Google Play Protect and says that Play Store’s defenses are much better than they were two years ago. However, third-party app stores are less protected and are a common vector of infection.
The biggest threat are trojanized apps – once that pose as popular apps (say, Netflix) but contain malicious code (those usually come from the other app stores). Due to government restrictions, essentially all Androids in China use a non-Google store.
According to Nokia, the Uapush adware is the most popular malicious app, the Jisun ransomware came in second and the Marcher banking trojan in third. The average infection rate was 0.68%.
Note that Nokia collects this info via NetGuard, a security product used by mobile network operators. This way it can detect infected devices with no client-side software, but it skews the numbers against smartphones as it only tracks Windows systems that use a dongle or are tethered through a phone (i.e. not ones with a fixed home Internet connection).
On fixed residential networks things look much better. Nokia reports that the infection rate fell to 6.2% from 11.3% last year.
Anyway, iOS is under attack as well, mostly by Spyphone apps, though with basically no third-party app stores the infections were less common. Older versions of iOS have unpatched vulnerabilities, however.