Android Malware Up Five-Fold in Third Quarter, Study Finds
By Jennifer LeClaire / Mobile Tech Today. Updated October 22, 2012.
Mobile-industry watchers have long known that Android is under attack. But new revelations from Trend Micro's third-quarter report show a dramatic uprising against Google's mobile operating system.
Indeed, Trend Micro reports that "high-risk" and "dangerous" applications targeting Android users climbed from nearly 30,000 in June to almost 175,000 in September. With only 20 percent of Android device owners using a security app, that means the threats are very real. Trend Micro says users need to understand what permissions apps seek before approving them and unintentionally sharing sensitive information.
Raimund Genes, CTO at Trend Micro, is not surprised to see such a huge increase in mobile malware. That, he said, is because Android is the dominant smartphone platform, with an amazing success story.
"The digital underground reads the statistics and analysts reports as well, and they figured out ways to make money with mobile malware," Genes said. "And unlike your computer, getting information from your phone also reveals your location, the phone numbers you have called -- and more -- all stuff which could be sold. Our report digs deep into mobile malware, a must read!"
PayPal, LinkedIn and Advanced Persistent Threats
Some apps -- like ones that secretly purchase premium smartphone services -- are clearly criminal. But others -- like "aggressive adware" apps that collect more personal information than the user has authorized -- are more of a privacy threat.
According to Trend Micro, although most adware is designed to collect user information, there is a fine line between collecting data for simple advertising use and violating a user's privacy. Because adware normally collect user information for legitimate purposes, they can serve as an effective means to gather more data than some would want to give out.
Beyond Android, Trend Micro pointed out several notable third-quarter trends. For example, the firm discovered dangerous zero-day exploits targeting Java and Internet Explorer. The IE vulnerability was used in an advanced persistent threat (APT) campaign. And
ZeroAccess malware, sometimes found on peer-to-peer sharing sites, were the top infector in the computing public this quarter. The old DOWNAD/ Conficker worm came in a close second.
Meanwhile, PayPal attracted the most phishermen while LinkedIn topped the list of chosen Blackhole Exploit kit targets. Spam likely arrived from Saudi Arabia or India. Corporations and governments were still viable APT targets. Lurid and Nitro APT campaign improvements were also noted. And social media threats and privacy concerns lived on.
No Google Safety Net
Graham Cluley, a senior security analyst at Sophos, said in mobile malware, the growth is specifically in Android.
"It's a much more open platform than iOS, and there are plenty of opportunities for cybercriminals to distribute Android code that either pretends to be a cracked version of a legit app, or to make money by sending expensive SMS messages to premium rate numbers," Cluley said.
"It's becoming clearer every day that users cannot rely upon Google alone to keep them safe from malware threats on Android. My recommendation is that Android users install an antivirus onto their device, and exercise caution over what apps they install."