Apps Often Are Traps. Over a Third of Android Apps Have Malware.

Jul 31Apps Often Are Traps. Over a Third of Android Apps Have Malware.

Like a Venus Flytrap waiting to ambush a poor bug, a nasty bug could be sitting in your favorite app. At the NetEvents Americas conference, Jill Knesek, head of the global security practice at UK telecom-service provider, BT, noted, “We analyzed more than 1,000 Android applications and found a third compromised with some form of active or dormant malware. Almost every device is compromised with some kind of malware, although often it’s not clear if that code is active or what it is doing.”

Wayne Rash, a technology journalist at the conference, said he was reviewing a Samsung Galaxy S3 handset and found malware in an Android application provided by Google. “This is a device considered by some people to be the best smartphone on the market right now,” he said, adding, “There’s plenty of anti-malware software available for Android and other mobile operating systems, but companies don’t often insist on using it.”

If his last remark were directed at Google, he’ll likely be buying the next Google product he reviews.

In any case, the eetimes.com piece by Rick Merritt quoted Knesek as saying that malicious code is just one example of the many security vulnerabilities in mobile systems. Knesek, a former cybersecurity expert for the FBI, commented acidly, “It’s going to take one young woman to be stalked, raped and killed before people realize the need security on GPS.”

More people in the security industry are aware of the threat and making business and government aware of it. Recently, a researcher testified before Congress about security holes in GPS. And, at Black Hat USA 2012, mobile vulnerabilities were also a hot topic.

Knesek, observing that even biometric security technologies have their vulnerabilities, predicted, “I think hackers will steal biometrics with man in the middle hacks–handsets need to be encrypted end-to-end as the Backberry does.”

One bit of positive news is the introduction of the latest deep-packet inspection (DPI) chips for a new wave of application-aware firewalls that make it possible to detect and block individual applications.

Jurrie van den Breekel, a director of marketing for Spirent Communications, says, “You will be able to select what kind of app you allow–you can block DropBox and Skype, for example, to prevent corporate data from winding up on those services.”

Leave a Reply

Your email address will not be published. Required fields are marked *