The first types of malware were written primarily as pranks. You see, back when people used to copy floppies from each other, it was not uncommon that you might get infected with a virus that would become resident in memory on your computer. That way, the next floppy you copied would also get infected.

The first internet worm (a self-propagating virus), the Morris worm of 1988, was similarly mainly a prank that got out of hand; according to Robert Morris, the goal was only to measure the size of the internet. Things were different back then; Norway avoided the Morris worm because someone got a phone call and simply unplugged the country from the internet. What a time!

After a few other (mostly annoying) worms and viruses, more dangerous tools began showing up. In 2002, the first Remote Administration Tools (RATs) was created to spy on people. Attacks targeting the banking industry first appeared in 2007 with the Zeus and Gozi malwares, the descendants of which are still active today.

In 2013, the first ransomware malware was discovered. It encrypted files and tried to get you to pay to get them unlocked. These early worms and viruses spread through email and phishing, similar to how malware still spreads today. An interesting development is that this year (2020), it appears Apple Macs have surpassed Windows-based PCs in the number of malware infestations. The reason is partly due to the increased popularity of Macs. However, it is also likely that Microsoft's focus on security - bundling antivirus software, a good firewall and dropping support for Internet Explorer - has something to do with the reduction in PC based malware.

The same types of malware are, of course, also found on mobile devices. The first real worm, which spread from phone to phone, was the Cabir worm of 2004, which spread through Bluetooth on Nokia's Symbian devices. Spyware made its first appearance in 2007, and ransomware appeared the same year as its PC based counterpart with FakeDefender in 2013.

A common thread with these types of malware is that they spread through phishing and the attackers often trick the users into downloading the malware from a website or an alternative app distribution channel.

The vector for malware is still mostly the same when comparing PC and mobile-based malware: They spread through email and phishing. However, PC-based malware has a long history of trying to spread to other PCs through network vulnerabilities. The way the malware communicates with their originators has changed from hand-crafted "command & control servers" to distributed networks of infected PCs where the owner of the PC is unlikely to be aware of the infection.

Something similar will likely happen on the mobile side. As phones have gotten more and more powerful, the next generations of phone-based malware will probably try to infect other phones directly (e.g. with MMS messages). Instead of operating with control servers as a single point of failure, a distributed network of infected phones might be at the core of future malware. 

Google clearly has a big job to do with Android. Today, Android is quite fractured as too many users don't receive security updates on their perfectly usable phones. It is tempting to compare the situation today with how Microsoft had to give away Windows 10 for free, merely to get enough new users on the platform.

Similar to how a PC from 10 years ago might still be perfectly fine hardware-wise, a high-end phone from 3 years ago still has some life left in it. Perhaps Google could release their own Android distribution for phones abandoned by their original makers?

We at Okay try to help banks, card issuers, PSPs and eWallet providers to protect their transactions from malware. On our product pages, you can read more about how the Okay SCA platform protect identification and authentication processes.