Google’s Android mobile operating system has become the top focus for malware programmers, according to a new study from Juniper Networks, which found a 400 percent increase in Android malware since the summer of 2010.
The “Malicious Mobile Threats Report 2010/2011” was compiled by the Juniper Networks Global Threat Center (GTC) research facility. It found that mobile devices have become the latest focus for malware writers, with Android the fastest-growing target.
Juniper’s study found that, despite application downloads representing the main source of infections, the vast majority of smartphone users are not using antivirus software to scan downloads for malware.
The increase in security threats is a result of user disinterest in security, large numbers of downloads from unknown or unvetted sources and the absence of mobile device security software, according to Juniper.
“App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation,” said Dan Hoffman, Juniper’s chief mobile security evangelist, in a statement. “There are specific steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand.”
The study found that 17 percent of all reported infections were due to SMS Trojans sending SMS messages to premium rate numbers.
Infonetics research confirmed that mobile devices are growing as a focus for hackers as the smartphone market matures.
“Hackers are now setting their sights on mobile devices,” said Infonetics Research analyst Jeff Wilson, in a statement. “Operating system consolidation and the massive and growing installed base of powerful mobile devices is tempting profit-motivated hackers to target these devices.”
Wilson said a recent survey of large businesses found that nearly 40 percent considered smartphones the device type now posing the largest security threat.
Juniper said consumers should expect to see more advanced attacks against Android, including attacks designed to make Android devices part of zombie botnets.
The company said the first bank phishing application appeared in the Android Market in January 2010.
The iPhone platform is currently at risk from applications that can obtain user data and transmit it outside of the device, the Juniper report said.
The study cited research from the Technical University of Vienna and the University of California, Santa Barbara, which found that nearly half of the 1,400 iPhone and iPad applications analysed leaded various forms of sensitive data to third parties.
“In most cases, application developers used pre-packaged code purchased from advertising agencies, originally intended to collect device information that could be used to build advertising profiles of the device user,” Juniper said in the study.
Data from Juniper’s Junos Pulse Mobile Security Suite found that spyware capable of monitoring any and all forms of communication to and from a mobile device accounded for 61 percent of all reported infections.
On the Android platform, such malware accounted for 100 percent of reported infections.
The company found that one-third of Junos Pulse users lost their device at some point and used the software’s “locate device” capability. Seventy-seven percent of those users then sent a command to lock the device, to keep a third party from using it.
In March Google removed more than 50 malicious apps from its Android Market and issued a security patch, after eventually admitting multiple malware attacks that compromised a number of Android-powered handsets.
The Android team also suspended the associated developer accounts and “remotely” deleted the infected apps from affected devices.
X's global affairs head, Nick Pickles, confirms departure after a decade working at the platform…
British competition regulator closes investigation into Microsoft's hiring of Inflection AI staff, which it deems…
First public response made by Telegram CEO Pavel Durov, after arrest in France over alleged…
US authorities probe fatal four-vehicle crash caused by Ford Mustang Mach-E electric vehicle using BlueCruise…
Margrethe Vestager set to step down as EU competition commissioner after a decade in office…
EU regulators to seek views from industry players on Google's DMA compliance plans ahead of…
View Comments
Internet Security specialist BullGuard recommends that Android users consider two basic security measures to stay safe:
First and foremost, you should think twice before you download applications by finding out who uploaded it, check which rights and actions the app wishes to make use of, and consider whether this sounds right or not.
Secondly, you should install security software on your phone. One of the few security programs on the market for smartphones is BullGuard Mobile Security 10 (www.bullguard.com/why/bullguard-mobile-security-10.aspx) containing an array of security solutions including: Antivirus, Antispyware, Antitheft, Parental Control, Basic Backup and Support. The program can be downloaded from Android Market (https://market.android.com/search?q=bullguard&so=1&c=apps) for $29.95.