Digital Identity Blog

Thought leadership for cybersecurity, fraud and digital channel professionals

Android Malware Increased by 3,325% Last Year

By ThreatMetrix
ThreatMetrix®, The Digital Identity Company®, is the market-leading cloud solution for authenticating digital personas and transactions on the Internet. Verifying more than 20 billion annual transactions supporting 30,000 websites and 4,000 customers globally through the ThreatMetrix Digital Identity Network®, ThreatMetrix secures businesses and end users against account takeover, payment fraud and fraudulent account registrations resulting from malware and data breaches.
Follow ThreatMetrix ThreatMetrix's Most Recent Posts:

Mobile malware more than doubled in 2011 growing 155% across all platforms: Apple’s iOS, Research In Motion’s BlackBerry and Symbian. Java ME, popularly used on Symbian and Windows Mobile devices, lagged behind, increasing by a little less than 50%. Anyway the big winner is easily Android with its 3,325 percent malware increase. And the big losers are Android users who’ve become victims of cybercrime.

A TechWeek article on the precipitous jump in mobile malware says malware can be classified into categories: Short Message Service (SMS) Trojans and spyware.

“Spyware [is] the most common form [of malware], accounting for about 63 percent…. Spyware on mobile devices generally goes after GPS data, text messages, contacts and browser activity and transmits it to a third-party.

“SMS Trojans, accounting for 46 percent of malware, trick users into agreeing to send premium SMS messages to attackers. As they generally run in the background, users are usually unaware these messages are being sent until they see the charges on their bills.

“Scammers often piggyback SMS Trojans onto “fake installers”, which are apps that trick users into paying for them even though they may be legitimately available for free. These fake installers create a “low barrier to entry” for cyber-criminals interested in mobile scams but lacking the technical skills….

“Application stores are the prime delivery mechanism for infected apps, and it is far easier to turn around these types of apps rather than those targeting actual vulnerabilities.”

The figures come from a Juniper Networks’ report, which examined more than 793,631 applications and 28,472 unique malware samples. The report notes that, “Despite the eye-popping growth figures, the total number for mobile malware remains minuscule, compared with malware targeting traditional computers.”

While every mobile device is under attack, Google’s Android seems to be drawing the most fire because of “the platform’s diverse and open marketplace where developers are free to post their apps.” Also, it doesn’t hurt (well it does users if not Google) that Android’s market share in the mobile space is 46.9 percent “statistically the same as the proportion of Android malware.”

Security expert, Juniper’s Daniel Hoffman, puts it this way, “Hackers are incented to target Android, because there are simply more Android devices as compared to the competition.”

What about Apple? It turns out “Apple is slightly more secure due to its screening policies and closed marketplace.” However iOS users have jailbreaking to contend with. Not familiar with it? Jailbreaking is the process of removing the limitations set by Apple on devices running the iOS operating system. It allows users and hackers to gain root access to the operating system to download apps, extensions and themes (and malware) not available through the Apple App Store.

TechWeek says, “Mobile devices are just as vulnerable to browser-based attacks triggered when a user navigates to a malicious website as computers. There are fewer choices available for iOS users when it comes to security products to protect them from these kinds of threats.

“This lack of software protection and a competitive security market leave users with little protection if malware were ever to make it through Apple’s application-vetting process.”

By ThreatMetrix Posted