Android Malware Takes off, Mostly Outside the U.S.
Attacks on mobile devices using malicious code continue to focus on Android, with 175,000 programs found in the last quarter, according to a Trend Micro report.Attackers are continuing to focus more heavily on mobile devices, and in particular those running Google’s Android operating system, posting 175,000 malicious or suspicious programs to app stores, according a report published by security firm Trend Micro on Oct. 22. The activity in the third quarter is a steep increase from the previous quarter when the firm only found 30,000 apps that appeared to take malicious actions or aggressively gather information on a user. While mobile operating systems typically have more security controls than their desktop counterparts, much of the popular Android operating system's security relies on a knowledgeable user and regular policing by Google, said Raimund Genes, chief technology officer for Trend Micro. "The foundation of Android is very solid, with its permission-based security," said Genes. "But, it's a more open ecosystem, which is not very secure." Users need to understand the implications of the permissions that an application requests before granting permission, or run the risk of leaking sensitive data. About 20 percent of Android device owners use a security application, according to Trend Micro.
In addition, the app stores—including Google Play—need to improve their automated analysis of programs posted to the marketplaces, said Genes. While Google tends to quickly pull down overtly malicious applications, aggressive adware that takes more information than outlined in its user agreement is common. The company has scanned some 1.1 million applications and found 12 percent to leak some sort of personal information.