Security researchers are sounding a warning about the speed at which Android malware is growing, thanks to how easy it is to post an application on the Android Market.
As
Android market share continues to grow, malware developers are increasingly
targeting the platform, according to security researchers.
While
the total volume of mobile malware and malware specifically targeting
Android remains very small in comparison to malware targeting the Windows
platform, recent reports found the numbers are growing, and will likely
continue in 2012.
Malware
targeting Android devices jumped nearly 37 percent since last quarter, McAfee
Labs reported in its third-quarter Threats Report released Nov. 21. The
findings concur with an earlier report by Juniper Networks' Global Threat
Center, which reported in its Malicious Mobile Threats Report released Nov. 15
that there was a 472 percent increase in Android malware samples detected by Nov.
10, compared with what had been detected in July.
October
and November have seen the "fastest growth in Android malware
discovery," according to the Juniper Global Threat Center report. Malware
samples identified in September increased 28 percent over known samples, and
there was another 110 percent increase in October over what was detected in the
previous month. The biggest surge was between October and November,
contributing to the overall 400 percent growth, a Juniper spokesperson told
eWEEK.
It's
not just the volume of malware that worries Juniper researchers, but the fact
that the examples are becoming more sophisticated. Only some of the malware
detected in the spring had the capability to exploit vulnerabilities in the
platform to gain root access on the device. "Today, just about every piece
of malware that is released contains this capability," the researchers
concluded on the Global Threat Center blog.
Malware
developers just need a developer account, pay $25 and post malicious
applications on the Android Market, Juniper researchers wrote. Since the first
group of apps infected with the DroidDream malware family was removed from the
Android Market, there has been a surge of other malicious apps, Juniper said.
Juniper
also said a little over half, or 55 percent, of Android malware is disguised as
spyware, while 44 percent use an SMS Trojan to send text messages to prime-rate
numbers to rack up expensive charges on a user's cell phone bill.
Security
firm Mocana released the
Device
Confidence Index last week, which found that 47 percent feel their mobile
devices are not secure when it comes to storing sensitive information. The
distrust extends to both iOS and Android, with only 26 percent and 19 percent
saying they feel positive about their respective platform's ability to protect
personal data.
"The
majority of those expressing an opinion didn't trust Apple's iOS to be secure,
and Google's Android platform and RIM's BlackBerry fared still worse,"
Mocana wrote in the report.
These
studies don't appear to have convinced
Chris
DiBona, an open-source program manager at Google. In a Nov. 16 post on
Google+, DiBona accused security companies of "playing" on fears to
sell security software for mobile platforms. He dismissed existing Android
threats as "little things" that didn't cause much damage thanks to
the protections built into the platform.
"They
are charlatans and scammers. If you work for a company selling virus protection
for Android, RIM or IOS, you should be ashamed of yourself," DiBona wrote.
Email
Print
