Mobile malware developers are focusing on Android devices more than any other platform. But mobile malware remains a tiny segment of total malware output.
Android has overtaken Java Micro Edition as the most attacked mobile platform,
McAfee said in its latest quarterly threat report.
of about 1,200 mobile malware samples that McAfee Labs collected and analyzed
in the second quarter of 2011, about 60 percent were aimed at Android, McAfee
said in its 2011 Threats Report for the second quarter. While mobile malware
remains a tiny fraction of the overall malware market, Android is clearly the
criminals' favorite target, McAfee said.
malware jumped 76 percent since the first quarter, according to the report.
However, that number sounds bigger than it really is, as McAfeeLabs identified
only 44 total Android threats this spring. To put that figure in context,
McAfee collects about 2 million new malware samples, regardless of platform,
every month and found 12 million unique types of malware in the first half of
2011. Researchers expect to have 75 million samples by the end of the year.
"could become an increasing target for cybercriminals-affecting everything
from calendar apps to comedy apps to SMS messages to fake Angry Birds
updates," McAfee said.
wouldn't be focusing on a platform if they weren't making money, and the
malicious apps don't need to be that widespread to be worthwhile, Tim
Armstrong, a malware researcher at Kaspersky Lab, told eWEEK. An early Android
malware sample, FakePlayer Trojan, charged users $5 to $6 per SMS message it
sent out. Even if only a thousand users installed the app, that's $5,000 to
$6,000 going to the attacker's pocket, and "that's if the app only worked
once," Armstrong noted.
platforms were under attack from "for-profit mobile malware" such as
SMS-sending Trojans and smartphone exploits, researchers wrote. Malware
developers are targeting Android more than Symbian and J2ME, but the total
number of Android malware still lags behind those two mobile platforms.
McAfee's numbers suggest that as Symbian devices lose popularity and Android
gains more mobile
market share, that will soon change.
Android operating system rose to 52 percent of units sold for the second
quarter, according to the latest numbers from The NPD Group.
increase in threats to such a popular platform should make us evaluate our
behavior on mobile devices and the security industry's preparedness to combat
this growth," McAfee researchers wrote in the report.
more employees use their personal Android devices at work to access corporate
resources, such as email, it's imperative that enterprises be aware of the
risks and take steps accordingly to protect the devices. Recently, a number of
wireless carriers, including Sprint
and AT&T, announced partnerships to provide mobile security offerings.
of the threats appear as if they are legitimate apps. A number of recent
Android malware examples, such as GingerMaster,
pretended to be a photo-displaying app.
researchers also included the MacDefender
fake antivirus that infected Mac OS X systems in May and June in the
report. There are more Mac users than ever before as well as steady business
adoption, which places the Apple platform "squarely in the crosshairs of
malware authors," according to the report. Researchers said it is a
"case of 'when' rather than 'if'" that malware will make its way to
the iPad and iPhone as well. The report noted a handful of malware were
targeting jailbroken iOS devices.
several quarters, McAfee researchers have noticed that malware developers are
focusing more on exploits targeting vulnerabilities in Adobe products rather
than Microsoft products.
trend does not prove that Adobe's technologies are more vulnerable or have more
coding bugs than Microsoft's," the report said. Adobe has one of the most
popular products in the world, and criminals "target what is popular and
in wide use," the researchers wrote.
were also highly popular in the spring, as criminals used them to make other
malware stealthier and more persistent. The better hidden the malware is, the
longer it can engage in malicious activity, the researchers wrote. The most
common encountered were Koutodoor and TDSS.
have seen their busiest-ever six months, up almost 38 percent over 2010,"
the report found.