U.S. Gov't Warned Staff: Android Malware Widespread, Use Protection

In 2012, 79 percent of malware was focused on Android. The government warned employees to use patches and stay up-to-date.

Google's Android operating system continues to be the predominant target of malware threats, and we mean predominant. In 2012, Android was the target of 79 percent of malware threats, compared with 0.7 percent for iOS, 0.3 percent for BlackBerry and 0.3 percent for Windows Mobile, the U.S. Departments of Justice and Homeland Security said in an unclassified July 23 release intended for police, fire, EMS and security personnel.

The Next Web discovered the release and reported on it Aug. 26.

The government report pointed to industry reports stating that 44 percent of Android users are still using Gingerbread versions of Android (versions 2.3.3 through 2.3.7), which were released in 2011 and "have a number of security vulnerabilities that were fixed in later versions."

The report points out three particular security threats. The first, Short Message Service (SMS) Trojans, represent nearly half of the malicious applications currently circulating, it says. Text messages are sent to premium-rate numbers, "potentially resulting in exorbitant charges for the user."

In the second, rootkits, malware is hidden from normal types of detection and logs the user's keystrokes, passwords and location without the user's knowledge.

Finally, fake Google Play domains allow users to browse and download apps, movies, books, music and other content, while stealing sensitive information, such as financial data and log-in credentials.

The report says Android is singled out for being the world's most widely used mobile OS, and that given the growing dependence on mobile devices by federal, state and local authorities, it's "more important than ever to keep mobile OS patched and up-to-date."

Malware Incidents on the Rise

Earlier this month, Trend Micro warned that vulnerabilities in Android are among its top security concerns.

"Due to the fractured nature of the Android network, it is very difficult for patches to reach all users in an effective timeframe," JD Sherry, vice president of technology and solutions at Trend Micro, said in a Aug. 8 statement. " Until we have the same urgency to protect mobile devices as we do for protecting PCs, this very real threat will continue to grow rapidly.

According to Trend Micro, it took three years to reach 350,000 high-risk apps—but only six months for that figure to double.

During the second quarter, it added, premium service abusers remained consistent, but the firm saw an increase in the "data stealer volume," said Research Director Linda Barrabee, which "may indicate the continued sophistication of this threat type."

On Aug. 12, the Bitcoin Foundation announced that Android had also opened up Bitcoin users to vulnerabilities. The company warned users about the issue on its Web site and recommended that anyone with an Android wallet upgrade their version of the upgrade their software and perform several reparative steps.

"Because the problem lies with Android itself, this problem will affect you if you have a wallet generated by any Android app," the company warned users.