Android Malware Increased by 3,325% Last Year
Mobile malware more than doubled in 2011 growing 155% across all platforms: Apple’s iOS, Research In Motion’s BlackBerry and Symbian. Java ME, popularly used on Symbian and Windows Mobile devices, lagged behind, increasing by a little less than 50%. Anyway the big winner is easily Android with its 3,325 percent malware increase. And the big losers are Android users who’ve become victims of cybercrime.
A TechWeek article on the precipitous jump in mobile malware says malware can be classified into categories: Short Message Service (SMS) Trojans and spyware.
“Spyware [is] the most common form [of malware], accounting for about 63 percent…. Spyware on mobile devices generally goes after GPS data, text messages, contacts and browser activity and transmits it to a third-party.
“SMS Trojans, accounting for 46 percent of malware, trick users into agreeing to send premium SMS messages to attackers. As they generally run in the background, users are usually unaware these messages are being sent until they see the charges on their bills.
“Scammers often piggyback SMS Trojans onto “fake installers”, which are apps that trick users into paying for them even though they may be legitimately available for free. These fake installers create a “low barrier to entry” for cyber-criminals interested in mobile scams but lacking the technical skills….
“Application stores are the prime delivery mechanism for infected apps, and it is far easier to turn around these types of apps rather than those targeting actual vulnerabilities.”
The figures come from a Juniper Networks’ report, which examined more than 793,631 applications and 28,472 unique malware samples. The report notes that, “Despite the eye-popping growth figures, the total number for mobile malware remains minuscule, compared with malware targeting traditional computers.”
While every mobile device is under attack, Google’s Android seems to be drawing the most fire because of “the platform’s diverse and open marketplace where developers are free to post their apps.” Also, it doesn’t hurt (well it does users if not Google) that Android’s market share in the mobile space is 46.9 percent “statistically the same as the proportion of Android malware.”
Security expert, Juniper’s Daniel Hoffman, puts it this way, “Hackers are incented to target Android, because there are simply more Android devices as compared to the competition.”
What about Apple? It turns out “Apple is slightly more secure due to its screening policies and closed marketplace.” However iOS users have jailbreaking to contend with. Not familiar with it? Jailbreaking is the process of removing the limitations set by Apple on devices running the iOS operating system. It allows users and hackers to gain root access to the operating system to download apps, extensions and themes (and malware) not available through the Apple App Store.
TechWeek says, “Mobile devices are just as vulnerable to browser-based attacks triggered when a user navigates to a malicious website as computers. There are fewer choices available for iOS users when it comes to security products to protect them from these kinds of threats.
“This lack of software protection and a competitive security market leave users with little protection if malware were ever to make it through Apple’s application-vetting process.”
ThreatMetrix™ offers protection from every type of malware forevery type of device. ThreatMetrix’s complete package of online protection provides secure browsing technology that protects smart phones and other devices against malware and stops man-in-the-browser (MitB) attacks. (See this week’s press release, “ThreatMetrix Launches TrustDefender Mobile to Help Identify Fraudulent Transactions Originating from Mobile Apps.”) The ThreatMetrix™ Cybercrime Defender Platform is the first industry solution that integrates sophisticated malware detection and advanced device identification technologies in a single, unified platform. This unified approach to cybersecurity is a game changer. By integrating malware detection and device identification with shared, centralized intelligence, ThreatMetrix delivers the unique ability to protect the integrity of entire online transactions. And, it’s done without relying on passwords, user names and cookies to protect its clients. The ThreatMetrix Cybercrime Defender Platform uses anonymous data from the computer, its connection to the Internet and contextual data from a transaction to sniff out cybercriminals of all types, as well as spies and hackers of all types.
