Android leads the way in mobile malware

Android tops the charts in mobile malware, largely due to the failure of Google’s Android Market to properly review apps before they hit the marketplace, says a new report from Juniper Networks.

In a blog post yesterday, Juniper found that Android malware has soared 472 percent since this past July. In particular, October and November have seen the fastest rise in Android malware since Google unveiled its mobile platform, according to Juniper’s Global Threat Center.

The number of Android malware samples collected in October rose 110 percent over September and 171 percent over those collected up to July. Further, Juniper’s Malicious Mobile Threats Report, released this past May, discovered a 400 percent increase in Android malware from 2009 to the summer of 2010.

And Juniper lays the blame at the foot of Google.

“These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications,” noted the blog. “With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include.”

Of course, as Juniper points out, malicious apps are removed from Android Market after they’re discovered. But this often happens after many people have already downloaded them.

Over the past year, a number of malicious apps have been discovered masquerading as supposedly legitimate software, tricking unsuspecting Android users into installing them. In March, Google was forced to yank almost two dozen apps from Android Market and users’ Android devices after learning that they were infected by a Trojan known as DroidDream.

Various security firms, including Symantec and McAfee have also voiced concerns about the huge rise in Android malware.

Beyond increasing in volume, Android malware is getting more sophisticated, says Juniper. This past spring witnessed the birth of malicious apps capable of tapping into the root of a device, allowing them to install more software to gain even deeper access to key data and services. Today, almost all Android malware has this ability, one that attackers are eager to employ.

Most Android malware apps go after communications and GPS data, according to Juniper. Among the known malware samples, 55 percent act as spyware, collecting user information. Another 44 percent are considered SMS Trojans, which send SMS messages to premium-rate phone numbers, thereby costing the user money that’s virtually unrecoverable.

Android has also proven a hot spot for malware thanks to the platform’s increasing popularity. Many of the malware writers originally targeted Nokia’s Symbian and Microsoft’s older Windows Mobile systems but jumped ship to Android as it gained more market share, according to Juniper.

Related stories

How does Android compare with Apple’s iOS in security? Juniper doesn’t see one platform as necessarily more secure than the other. It’s the review process that makes the difference.

“The main reason for the malware epidemic on Android is because of different approaches that Apple and Google take to police their application stores,” the Juniper blog notes. “Android’s open applications store model, which lacks the code signing and an application review process that Apple requires, makes it easy for attackers to distribute their malware. There is still no upfront review process in the official Android Market that offers even the hint of a challenge to malware writers that their investment in coding malware will be for naught.”

So, how do Android users protect themselves?

The Android Market offers a variety of virus scanners, both free and paid. A new study from AV-Test found a small number of free scanners unreliable, but gave decent grades to paid products such as F-Secure’s Mobile Security and Kaspersky Mobile Security. The study also failed to test some notable free products, including AVG Antivirus Free, BitDefender Mobile Security, Lookout Mobile Security, and Norton Mobile Security.

Check Also

North Korea’s Internet said to go dark after cyberattack claims

After increasing instability, North Korea’s Internet is said to go down. Dyn Research North Korea’s Internet connection has been touch and go over the last day and now it’s completely shuttered, according to Internet performance analysis firm Dyn Research. “After 24hrs of increasing instability, North Korean national Internet has been down hard for more than …

Leave a Reply