The most recent and interesting threats we see are more or less “evolved” forms of previous threats, including those originating from the PC side. People have been “spoofing” parts of apps, such as code, appearance, or digital certificates, since Android malware first started appearing. The MasterKey exploit was a whole new way to modify the app without even having to spoof anything (since this was the exploit which allowed applications to be changed without invalidating the existing digital signature). It’s also very interesting to see how threats like Zitmo or RAT-type apps seem to get better and better at mirroring the PC versions of those threats.

For instance, Zitmo (Zeus in the mobile) seems to always come from the same template, afterwards customized to mimic various authentication or banking apps, similar to the PC version. In general, what are most interesting are those threats which appear to be getting better and better at these techniques considered mainstays of PC malware. We don’t expect to stop seeing these types of developments in many of the different threats seen around the Android landscape.

Our top 5 predictions:

  • More PC-side infections ported to Android, especially Ransomware
  • Increasingly-sophisticated obfuscation techniques
  • Increasingly-sophisticated packing techniques
  • Greater focus on social engineering within Android malware
  • At least one new exploit similar to the level/severity of MasterKey

Stay protected!
There are many ways to change your habits and use security software to help prevent catching a bug on your Android device. When downloading apps, know where you are getting them from. Though not foolproof, the Google Play Store is still, by far, the safest place to get apps for your Android devices.


Use Android security software to protect your devices, such as Webroot SecureAnywhere. There are many other apps which will provide additional help identifying various risky behaviors, settings, or software on your phone as well. Furthermore, the Android operating system gets more secure and informative every day, allowing users to better understand the permissions and risks behind their apps.

Lastly, keep up on the latest Android news! It’s super easy with all the great news outlets, blogs, and Twitter feeds out there. If it’s hot, new, or just plain interesting, you can count on many tech news outlets, including the Webroot Threat Blog, to post or comment about it.

Cameron Palan

About the Author

Cameron Palan

Sr. Threat Research Analyst

Cameron is a Sr. Mobile Threat Research Analyst, continuing to mess around with the latest in mobile technology. Working for Webroot, he researches and reverses the latest Android malware to discover new trends and keep the masses protected.

Share This