facebook rss twitter

Android most attractive target for mobile malware writers

by Mark Tyson on 16 May 2012, 10:19

Tags: Google (NASDAQ:GOOG), F-Secure (DTV.BE)

Quick Link: HEXUS.net/qabgrb

Add to My Vault: x

A new report by specialist computer security company F-Secure shows that Android devices have become a major focus for malware writers. Google’s operating system has experienced a near 400 per cent growth in malware families since 2011. In the Mobile Threat Report, a freely downloadable PDF released on Monday, F-Secure statistics show 37 of the 49 new malicious software variants targeting smartphones were specially brewed for Android. The significant rise comes as malware for Symbian experiences a similar decline. This year there were observed to be over 3,000 different obfuscated APK files for delivering Android malware compared to only 139 a year ago.



The most common forms of malware on Android are Trojans. A growing trend is that Android Trojans deliver upon their promises! In his Quote of the Quarter, Sean Sullivan at F-Secure Labs explains: “One of the more interesting mobile phone malware trends we’ve seen in recent months is the growth of Trojans that “deliver on their promises”. In the past, most of the profit driven Trojans aimed at mobile phone users provided a decoy error message and attempted to convince the user that installation had failed...” Users investigating the failure often found they had been electronically taken advantage of. However the new Trojans deliver their illicit copy of promised software in full along with their payload. Sean Sullivan says this often means there is no immediate suspicion by the victim. “At this point, there is little to be suspicious of and nothing to troubleshoot. The user gets the game (or other app) that he was promised.” This means that the malware can have a more active and potentially profitable life.

In February Google launched a malware scanning system called Bouncer, to try and prevent infected apps being distributable within the official Android Play Store. Thus a lot of the infected apps available were found in the wild by F-Secure in third party app stores and/or in foreign markets. The most common profit aim of Android malware is to make money through sending texts to selected premium rate numbers, though there are also banking fraud apps and others. F-Secure's Sean Sullivan suggests keeping to the official Google Play Store for app downloads to minimize your Android malware attack risks.

HEXUS Forums :: 9 Comments

Login with Forum Account

Don't have an account? Register today!
It's the age old problem Microsoft have with Windows - whoever has the largest market share will get the largest share of hacks/exploits/malware unless they can make perfect security - which nobody can. Even Apple's tightly walled garden can be torn down with simple exploits used in jailbreaking.
Can't say I'm particularly surprised that a company that sells anti-virus products for phones should be producing a report showing that mobile OS malware is on the increase. Presumably with a nice link to F-Secure Mobile Security's web page at the end of the report? ;)

Less than impressed with the advice to ‘stick to the official app stores’ as it's pretty obvious/common-sense advice. Heck, it's been said before - you need to go out of your way on Android to use other app stores!

Quick thing on F-Secure's product - not only does it appear to only support old OS revisions, (e.g. doesn't support Android 2.3 that's been out for many, many months), but at £29.95/year it's expensive. AVG's “Pro” version is only £6.30 (purchase, not annual subscription) and McAfee's and Symantec's equivalents are £24.99 and £29.99 per year respectively.
What is the general consensus on the Samsung app store is it safe or a gamble?
What is the general consensus on the Samsung app store is it safe or a gamble?
Same deal as with the app stores that some of the telecom's companies run.

Not that I'm claiming any kind of expertise but the “Security 101 - Lesson 1” for Android was that if you have that “Allow unknown sources” ticked then you need to be careful.

So getting back to SamsungApps - personally I would have thought that (arguably) safer than Google Play. There's going to be a lot fewer apps on there, so I would have thought that Samsung's quality control should squelch any nasty apps.

Nearest I can get to that app store is the stuff punted by the “TegraZone” on my tablet - although in that case TZ seems to be a front to Play. Is SamsungApps a front end like TZ, or is it a proper standalone app store like the Amazon one is - or at least will be when they get around to launching it in the UK! :(
Of course this is to be expected since Android is to smartphones what Windows is to PCs. Ubiquitous, on a wide variety of different hardware, multiple different versions all running simultaneously within the ecosystem, etc.