We’ve had a running joke in the office about the Android platform being a hive of scum and villainy, but the latest quarterly threat report from McAfee would seem to confirm even the most irrational prejudice. Although Symbian remains the all-time leader for danger, by virtue of the sheer amount of malware for the platform, the report’s authors make a strong case for Android as being the target for what’s new, hot and climbing up the malware charts.
The scariest part of the section on mobile threats isn’t the use of root exploits in hope of accessing system databases. That’s something I’d expect to see on any platform, because by gaining root, apps good and bad can break out of the sandbox in which they’d otherwise have to run; attackers have used the strategy of “get access, get root, move on” since the days when the only computers to hack were the ones at the telephone company.No, what makes the hair on the back of my neck stand on end is a new twist on acquiring user information: certain strains of Android malware, such as NickiSpy and GoldenEagle, will simply record your phone conversations and forward them to the attacker. When one thinks about the things you hear strangers discussing on the bus or train, one can only imagine what a targeted attack on a user with an Android device might yield.
But another big thing in Android malware continues to be the Trojans which sign an unwitting user up for one premium-rate SMS subscription or another. The sneakiest will delete any confirmation messages sent by the service, leaving the user with a fat bill that will prove difficult to dispute on a good day.
What’s not a surprise is that Apple’s iOS isn’t mentioned at all in the section on mobile malware. That’s more of a tribute to Apple’s heavy-handed curation of the iTunes App Store than it is to any inherent superiority of the platform. Whether one likes them or not, Apple’s methods seem to be very effective at keeping malware away from user devices; if that end doesn’t justify the means, what does?