Android Malware Climbs 614 Percent in 2012: Study

Attackers are becoming more business savvy, exploiting the Android OS ecosystem and finding easier ways to distribute malware.

Download the authoritative guide: The Ultimate Guide to IT Security Vendors

Mobile malware has developed into a profitable business for cyber-criminals, as their interest in exploiting mobile devices, particularly those running Google's Android operating system, continues to grow, according to a new report from Juniper Networks. Mobile malware threats grew 614 percent for a total of 276,250 malicious apps in 2012.

Cyber-criminals focused 92 percent of all detected threats at Android in 2012, according to the Juniper Networks Mobile Threat Center (MTC) report. Android holds the lion's share of the global smartphone market, as Android devices accounted for 67.7 percent of all smartphones shipped in 2012 and is forecast to ship more than 1 billion smartphones in 2017, according to Canalys.

Malware writers behave more like profit-motivated businesses when designing new attacks and distribution strategies, said Juniper MTC. They also are taking advantage of third-party app stores that don't have much oversight to distribute malware more quickly into the marketplace.

"There's no doubt mobility will continue to be a pervasive and disruptive force across every industry," Troy Vennon, director of the Mobile Threat Center, said in a statement. "We have found that it has created an easy business opportunity for malware developers who are becoming savvy in their approach to quickly turn profits in a rapidly growing market. We anticipate that similar to the evolution of PC-based threats, mobile attacks will continue to increase and become more sophisticated in the coming years."

Based on the analysis of more than 1.85 million mobile applications and vulnerabilities, Juniper's report reveals several trends that indicate "increased business savvy by attackers." These include taking advantage of high-growth market opportunities such as Android, more effective distribution through third-party app stores, exploiting holes in mobile payments and users not updating security measures, and increasing privacy violations.

Targeting Android devices has led to bigger profits. Malware for Android OS has increased significantly, growing from 24 percent of all mobile malware in 2010 to 92 percent by March 2013. The big culprits are FakeInstallers and SMS Trojans, which account for 73 percent of all known malware.

These malicious apps exploit holes in mobile payments by tricking people into sending SMS messages to premium-rate numbers set up by attackers, costing users $10 for each successful attack, Juniper MTC found. They also are developing intricate botnets and targeted attacks that can disrupt and access high-value data on corporate networks.

One of the problems is that many Android devices aren't receiving new security measures or updates provided by Google because of the fragmented ecosystem, leaving users exposed to threats, said Juniper MTC. According to Google, as of June 3, 2013, only 4 percent of Android phone users were running the latest OS version, which would protect users from 77 percent of Android threats.

Cyber-criminals also have found ways to distribute their malware more effectively. Juniper MTC identified more than 500 third-party Android application stores worldwide that are known to host mobile malware. Three out of five malicious third-party stores originate from either China or Russia, Juniper MTC found.

The research also finds several legitimate free applications that could leak corporate data. That's because free mobile applications are more likely to track location and access user address books. Free apps either requesting or gaining access to account information nearly doubled from 5.9 percent in October 2012 to 10.5 percent in May 2013, Juniper MTC said.

"With mobile malware on the rise and attackers becoming increasingly clever, we need better protection for mobile users and corporations," Michael Callahan, vice president of global product marketing for the Security Business at Juniper Networks, said in a statement. "While on one hand the OEMs, carriers and software vendors must collaborate to develop platforms that mitigate large threats, enterprises and government organizations need to take a comprehensive look at protecting their data and networks by adopting a holistic approach to mobile security."

Security product providers realize the challenge, and are developing products to help protect privacy on mobile phones. As an example, Symantec released the latest version of Norton Mobile Security, which provides app privacy protection for Android smartphones and tablets, as well as iPhones and iPads.

The Norton update includes a new intelligence technology called Norton Mobile Insight that provides privacy risk scans, which looks for mobile apps that could put a user's personal information at risk. The new release also extends enhanced anti-theft capabilities to iPhones and iPads with a "scream" alarm.