Android Malware Hits Record Heights, Report Warns
Juniper Networks has observed a 472 percent jump in instances of Android malware since last summer, with spyware and SMS Trojans representing some of the more prominent types of mobile malicious software. Android's open applications store model is to blame for the prevalence of malware directed at the platform, Juniper concluded.
Nov 18, 2011 5:00 AM PT
Android malware has increased 472 percent since July, a new report from Juniper Networks warned earlier this week, with the months of October and November shaping up to see the fastest jump in Android malware ever discovered, the company stated.
The number of Android malware samples identified in September increased by 28 percent over the number of known samples, according to research by the Juniper Global Threat Center.
October, however, showed a 110 percent increase in malware sample collection over the previous month and a full 171 percent increase over what had been collected up to July 2011, Juniper stated.
Previously, Juniper reported a 400 percent increase in Android malware between 2009 and the summer of 2010.
'The Vulnerabilities Remain'
At the same time, the malware used today is becoming increasingly sophisticated, Juniper noted.
For instance, last Spring, Juniper began seeing Android malware that was capable of leveraging one of several platform vulnerabilities, allowing the malicious code to gain root access on a device, in the background, and then install additional packages, which would extend the functionality of the malware, the company explained.
Since the vulnerabilities remain in about 90 percent of Android devices out there, just about every piece of malware currently released targets them, Juniper said.
Spyware and SMS Trojans
Most such malicious applications target communications, location or other personally identifying information, Juniper said.
Of the known samples to date, 55 percent act as spyware, and 44 percent are SMS Trojans, which send SMS messages in the background to the attacker's premium-rate numbers. Once those messages are sent, the money is not recoverable, Juniper pointed out.
Android's open applications store model is to blame for the prevalence of malware directed at the platform, Juniper concluded.
'Anything Can Be Uploaded'
Indeed, "Apple locks everything down and inspects every app submission, and there's only one channel where you can get those apps," Chris Hazelton, research director for mobile and wireless with the 451 Group, told TechNewsWorld.
With Android, on the other hand, "no one inspects the apps," Hazelton noted. "Anything can be uploaded to the Android Market," and there are many ways to get Android apps.
While Google has been very quick to remove offending apps from its store and from users' devices once it learns about them, "I think they should be more proactive, with some tools in place to inspect these apps," Hazelton suggested.
In addition, "there needs to be security at the device level too," he added. "It could be antivirus, or it could be other tools. Hopefully there will be a new way of protecting these devices."
Google earns far more from Android than hardware makers, carriers or app developers do thanks to the advertising revenue it collects, so "it has the most to gain by making Android more secure and Android apps more trustworthy," Hazelton pointed out.
'Google Has to Play a Role'
Indeed, "Google has to play a role in monitoring and protecting their users," tech analyst Jeff Kagan agreed.
Meanwhile, Kagan also expects security firms like [Symantec] and McAfee to see "an enormous opportunity to expand their coverage," he told TechNewsWorld.
"We have been warning users of the coming threat to the mobile world," Kagan concluded. "It looks like it is finally here."
'Don't Be the Early Adopter'
So what can users do to protect themselves in the wake of all this?
"Don't be the early app adopter," Hazelton warned. "If there are no downloads or ratings already, don't download the app. You really can't trust unknown developers."
Users should also pay attention to what permissions Android apps request, Hazelton said.
"Question why they need access to certain data," he suggested. "You can't line-item veto particular features of an app, but maybe that's something Google should address."
Either way, "the worst-case scenario is your device is hacked and used to listen in on your conversations or follow where you're going," Hazelton noted. "That's pretty scary."