All the IC3's badly written, vague release really said was that: "The IC3 has been made aware of various malware attacking Android operating systems for mobile devices. Some of the latest known versions of this type of malware are Loozfon and FinFisher." And, what are these?
Loozlon is a Trojan horse that Symantec reports as having less than 50 reported instances. FinFisher is a much more serious spyware program.
In any case, both programs aren't classic computer viruses. They require users to go above and beyond the call of stupidity to catch them.
With both, you typically need to open a suspicious looking email, then follow a link, and then agree, in Android's case, to download the unknown Android application package (APK). After that, you have to tell your smartphone or tablet to install it even though it's not in Google's Play Store, ignore the malware warning, and then you finally get to infect your device.
In short, these malicious programs don't really infect devices. Maliciously stupid users do. Or, in the case of FinFisher, it might be your employer or your government.