Android Security Threats Rise, Online Banking Malware Jumps

Trend Micro's report warns Android users to expect more security issues in 2013 due to an increase in malware and low use of protection.

Increased online banking threats, the growing availability of sophisticated, inexpensive malware toolkits and continued vulnerabilities to the safety of Google’s widely disseminated Android mobile operating system were among the key security concerns listed in security software specialist Trend Micro’s Q2 2013 Security Roundup Report.

The report, which describes cyber-security threats from the previous quarter combined with analysis to evaluate and anticipate emerging attacks, warned of increasing hazards to online banking, which saw malware increasing 29 percent from the previous quarter–from 113,000 to 146,000 infections. The United States was the top target of malware, with more than one million instances amounting to 28 percent of global compromises.

The Android operating system remains a prime target for cyber-criminals, as Android’s user base expands but security remains weak. The number of malicious and high-risk Android apps has grown to 718,000 in the second quarter–a massive increase from the 509,000 high-risk apps found in the previous quarter, according to the report. These malicious apps are on track to exceed one million by year's end, Trend Micro projected.

"Due to the fractured nature of the Android network, it is very difficult for patches to reach all users in an effective timeframe. In some cases, users will never get patches as vendors leave their customers at risk of attack," JD Sherry, vice president of technology and solutions at Trend Micro, said in a statement. "Until we have the same urgency to protect mobile devices as we have for protecting PCs, this very real threat will continue to grow rapidly. At the rate this malware is accelerating–almost exponentially–we appear to be reaching a critical mass. To fight this, Android users need to take great care when using their devices and take the simple, but effective, step of adding security software to all mobile devices."

Approximately only 30 percent of all Android smartphones and tablets in the United States have any type of security app installed today, Linda Barrabee, research director for connected intelligence at IT analytics firm The NPD Group, noted. Due to this fact and Android’s fragmented distribution across a wide variety of mobile devices, makes it likely that these security risks will continue to grow.

"Premium service abusers remained the most dominant mobile threats. While the mobile threat type ranking remained consistent with the previous quarter’s, we saw an increase in the data stealer volume, which may indicate the continued sophistication of this threat type," the report noted. "The number of malicious and high-risk apps took three years to reach 350,000; a number that already doubled in just six months."

Finally, the report found that the methods for selling malware toolkits have evolved. Sophisticated malicious tools are now being sold through inexpensive, free or bundled pricing schemes, such as two-for-one packages. The report warned that this ease of access to effective malware toolkits increases the hazards Internet users would face going into the remainder of 2013 and beyond.