ISLAMABAD: Kaspersky reports a significant rise in Android mobile threats 2025, with 29% more attacks on Android users in the first half of 2025 compared to the same period in 2024. The company detected threats such as SparkCat, SparkKitty, and Triada. Other active threats included apps with adult content that could launch DDoS attacks and a VPN app that intercepted login codes sent through text messages.
DDoS Attacks in Adult Content Apps
In the second quarter of 2025, attackers embedded functionality for dynamically configured DDoS attacks into apps for viewing adult content. This trojan sends specific data from the infected device to attackers at specified intervals.
Fake VPN Apps Among Android Mobile Threats 2025
Kaspersky also detected a fake VPN client hijacking user accounts. Instead of providing its advertised function, it intercepts one-time password codes from messengers and social networks by monitoring notifications. The codes are then sent to attackers via a Telegram bot.
Fakemoney Scam Apps and Pre-installed Malware
Malicious apps most frequently encountered by users included Fakemoney scam applications, banking trojans, and pre-installed malware. Fakemoney scam apps trick users into thinking they can earn money or rewards but instead steal personal data or funds. Pre-installed trojans like Triada and Dwphon were also common. These malicious programs embed in Android firmware during manufacturing, enabling data theft and persistence even after factory resets.
Mobile Banking Trojans Surge in 2025
The number of mobile banking trojans detected in the first half of 2025 was almost four times higher than in the first half of 2024 and over two times higher than in the second half of 2024.
Kaspersky’s Advice to Counter Android Mobile Threats 2025
“There are different attack vectors, including sideloading apps from outside app stores. Google’s developer verification helps, but it is not a silver bullet. Malware continues to infiltrate Google Play and Apple’s App Store. Users must combine strong security software, cautious app sourcing, and regular OS updates to stay protected,” says Anton Kivva, Malware Analyst Team Lead at Kaspersky.
Kaspersky recommends downloading apps only from official stores like Apple App Store and Google Play. Even then, install reliable security software, such as Kaspersky Premium, to detect malicious activity. Always check app permissions carefully, especially high-risk permissions like Accessibility Services.
