The Total Defense research team suggested major platform vendors can do more to improve mobile OS security.
The surge in malware targeted
at Android devices has surpassed the Google Android operating system's rise in
market share, according to the findings of a new report from Total Defense, a
malware detection and anti-crimeware specialist. The "2011 Internet
Security Threat Intelligence Report" reveals that, in total, more than 25
times more Android Malware was identified in 2011 than in 2010.
The study identified and
analyzed the most notorious Android malware in 2011 that used social
engineering tricks to lure users, such as AndroidOS/Foncy, a Short Message
Service (SMS) Trojan that differentiates itself from others in this category by
choosing different destination message centers based on country code and
AndroidOS/Dogowar, a Trojan created by malware authors socially motivated to
stop animal cruelty.
Other malware cited in the
report includes AndroidOS/Fakeneflic.A, a Trojan belonging to the InfoStealer
category that tricks users by disguising itself as popular software that
requires log-in credentials. If the user is successfully tricked, the entered
credentials will be posted to a hosted Website. AndroidOS/WalkSteal.A, a unique
SMS Trojan created with the intention to teach a lesson to the users who are
interested in using pirated applications, was also cited, as well as
AndroidOS/FakePlayer.A, an SMS Trojan that uses a familiar social engineering
trick of disguising itself as a media player. When executed, it sends four SMS
texts to a premium number.
One final piece of malware
also showed up in the study, AndroidOS/Golddream.A, a Trojan that disguises
itself as gaming applications whereupon it monitors and records information
about incoming/outgoing calls, incoming SMS communications in plain text files
that are uploaded to a hard-coded URL.
This past year can be
viewed as the year of Android malware with more than 9,000 escalations, clearly
illustrating the exponential growth of threats targeting this platform, said
Paul Lipman, CEO at Total Defense. The rise of Android malware opens up an
interesting debate about security architectures and the merits of open versus
closed systems. While users have the ability to install any code, from
anywhere, the problem is that criminals see this as an advantage, too.
The report also details that
the movement toward the app-paradigm, whereby PCs become more appliance-like
and only authorized applications can be installed and run, can dramatically
decrease the attack surface for digital devices.
The Total Defense research
team suggested major platform vendors can do more. Microsoft can lock down
Windows 8 to a greater extent on the PC by enticing more Metro App development,
and Google can better secure Android Apps by offering certified applications
via their Android Marketplace.
The malware landscape is
changing at a rapid pace with cyber-criminals producing new malware variants at
an exponential rate, said Lipman. The proliferation of consumer digital
devices for convenient Internet access, coupled with our global socioeconomic
climate, continues to serve up a perfect storm for online criminal activity.
Our goal is to empower end-users with solutions that can provide them complete
protection in this dangerous digital world.
In addition, the report
chronicles the acts of hacktivism that have transpired over the past year,
including activity by well-known groups LulzStorm, Anonymous and LulzSec. The
report covers specific activity around organized crimeware, including the
high-profile, successful takedowns of the large-scale DNS-Changer, Rustock and
Coreflood Botnets, as well as the arrest of the co-founder of ChronoPay, a
Russian online payment processor, which processed the sales of leading FakeAV.
While law enforcement and cloud security controls have put a dent in large-scale
malware attacks in 2011, threats remain extremely high, the report concluded.