About one out of every one hundred mobile devices (1.4 percent) in the world was infected by malware in the second quarter of 2015, according to a report released by 360 Mobile Security Limited, a mobile antivirus developer. Sixty-two percent of these phones had “privacy-stealing malware” designed to grab sensitive information such as login credentials, contacts and photos.

American phones were less likely to be hacked (0.2 percent) than those overseas, due in large part to American Android users almost exclusively downloading Google Play applications, as opposed to applications from third party sources that are not as secure. Downloading secure applications and updating phone systems are two of the most effective ways to combat mobile security threats, according to the report.

While the overall number of compromised devices may seem small, the potential damage can be significant. For example, the report notes that 81.2 percent of Android devices running version 4.4 or older are vulnerable to TowelRoot exploits, a Linux bug that can give the attacker access to the victims’ phones and provide them user data that is stored on the devices. The ensuing version, Android 4.4.1, wasn’t released until Dec. 5, 2013, meaning any phone that is more than 20 months old is susceptible to TowelRoot unless the phone has been updated by the user.

The report also found that 78 percent of all worldwide phone purchases last quarter were Android devices, which are more susceptible to hacking than their competitors. In fact, more than 97 percent of all mobile malware targets Android phones. By comparison, the report states that less than 1 percent of all mobile attacks target iOS systems.

The figures used in this report were generated from analysis of the more than 200 million Android devices using 360 Mobile Security Products. Click here for more information regarding the report, or view the 360 Mobile Security Limited press release here.