Android malware remains a massive danger in 2025, with a June 5 mobile threat report from Kaspersky revealing that 12.1 million attacks were conducted on Android devices running Kaspersky software between January and March 2025.
Now, considering that number doesn’t include the majority of the world’s 3.3 billion Android OS devices that aren’t using Kaspersky, you get an idea of the scale of this concern.
Trojans were the most common threat, accounting for 40% of the total malware infections. Trojans are viruses that trick you into installing them on your phone to steal data, gain access to your banking apps, spy on you, or drain cryptocurrency accounts, so they should not be taken lightly.
Let’s examine the current malware landscape on Android and learn how to protect yourself against the most common threats.
The most vulnerable Android devices
Anyone running Android 12 (or earlier) on their device is particularly vulnerable
Keeping your software and operating system up to date is one of the easiest ways to stay safe. Before delving deeper into the report’s findings, it’s worth noting that anyone running Android 12 (or earlier) on their device is particularly vulnerable. Google ended security updates for that version in March 2025. Since then, Google has patched 133 high-severity and four critical-severity threats.
Android 12 was launched in October 2021 and is currently installed on approximately 12% of all Android devices, according to Statcounter’s May 2025 figures. That’s nearly 400 million Android devices worldwide, including popular phones such as the Samsung Galaxy S10 lineup (released in March 2019) and Google’s Pixel 3 (released in October 2018).
So, if you are someone who likes to hang onto your phone for a long time, this is the moment to let that old phone go and make the upgrade. Devices without security software updates pose a significant threat to your safety. The good news is that it doesn’t have to be that expensive. Check our best phone deals for options starting as low as $169.
Mamont banking Trojan was the biggest threat in early 2025
Mamont is off to a banner year in 2025, which is not something you want to hear when it comes to malware. Between January and March, it accounted for three of the top five mobile malware threats, an increase of more than 15 percent compared to October to December of 2024.
How is Mamont spreading so fast? Social engineering is the key, as these Trojans masquerade as legit apps to gain high-level permissions on the victims’ devices.
Mamont is a threat to anyone who sideloads apps, so be particularly wary if you’ve done so lately. Double-check your permissions and keep one eye on your bank account. Mamont can pose as the Chrome app, a delivery tracking app, or a video file, among numerous alternatives.
Don’t buy that off-brand Android phone
Motorola offers affordable Android phones for under $200, so please don’t bite on extreme budget Android phones.
See also: The Trump Mobile T1 phone: A ridiculous claim may doom it to fail
Kaspersky has found several off-brand phones loaded with a backdoor Trojan called Triada so far this year. The Trojan is active from the moment a user powers on their phone.
It can replace browser links, steal your login data, steal cryptocurrency, or inject malicious code into apps without you realizing it. The people behind Triada have stolen over a quarter of a million dollars in crypto from victims.
Your phone is your most valuable possession
In 2025, your phone will undoubtedly be the most valuable thing you own, as it has access to virtually everything else.
Again, this means ensuring you don’t skip the operating system updates that your phone is prompting you about. Stop putting them off and update now; it’ll only take a few minutes.
Only download apps from the Play Store. Although there have been instances of malware infiltrating the Play Store, it is vastly safer than installing apps from the open web.
Go to Settings and search for Permission Manager to review the permissions you’ve granted to every app on your phone. Pay careful attention to any apps with Accessibility or Device Admin rights, as these are often critical for malware.
Use a mobile antivirus app to protect your phone from malware further. These apps can move faster against attackers than a software update from Google or Samsung, so it’s a sound early defense system.
Finally, for any critical accounts, enable two-factor authentication, as this can potentially stop cybercriminals from gaining access to your accounts even if your device is infected with malware.
