Android Malware Infections Increase By 700%

[Fanghawk]

Android Malware Infections Increase By 700%

Approximately 85% of all mobile malware attacks since 2011 occured on Android smartphones.

When it comes to the world of internet security and malware, being the biggest fish in the sea also makes you the biggest target. Such was the case when Windows operating systems dominated the PC landscape in the 90s, and such is the case today in the mobile sphere with Android phones. The platform is <a href=http://www.escapistmagazine.com/news/view/118560-Advertisers-Choose-Android-Over-iOS>fast becoming the mobile operating system of choice, but its rampant growth combined with its open source nature is an ideal breeding ground for virus and malware distribution. Tracking reports by security firm McAfee have revealed that in the last year, malware breaches have grown by an astronomical 700%, putting the Android at approximately 85% of reported malware instances.

The attacks themselves range from standard email and SMS sending malware, to mobile botnets and trojans. Thumb drive, password-stealing, and URL-based malware have sample increases in the millions. Mobile ransomware in particular has become an especially prominent tool for cybercriminals in recent months. Ransomware infects a mobile system to delete photos and personal files, with the demand that users pay an amount of money to restore their phone back to its original state.

So why is Android seeing such high malware figures compared to Apple's iOS? Part of the reason, just as for Android's piracy figures, is the open-source nature of Android but there are other problems. Google's official malware scanner Bouncer, which scans apps to ensure they are not malware, only scans programs that come through the Google Play Store. Any malware coming from third-party sources, which is very common on an open-source platform, won't be inspected by Bouncer.

My instinctive reaction to this is that users should be better educated on how to make their devices more secure, but frankly, a 700% increase implies that steps should be taken to make the platform itself more secure. Google may already have some solutions in the works, including the recent updates <a href=http://www.escapistmagazine.com/news/view/118822-Google-Bans-Third-Party-Android-Billing>to the Android Billing System, which should make purchase-related security upgrades much easier to implement.

Source: VentureBeat

Permalink

 

[Rainboq]

'By McAfee.' You know that the whole point of those companies is to get you to buy their security products, right?

OT: Yeah, that makes sense, and looks like Google is already plugging the holes, so it looks like a step in the right direction.

 

[Dogstile]

Eh, same thing happened with windows, windows is still fine. It'll level out.

 

[FogHornG36]

here is a hint, don't download EVERYTHING on the app store... if everyone on a reveiew says its spyware, even if one person says it, ITS SPYWARE

 

[sunami88]

'By McAfee.' You know that the whole point of those companies is to get you to buy their security products, right?

I came here to say just that. These kinds of stories are posted all the time by big AV companies. I won't believe it until I see it confirmed from another (reliable!) source.

 

[evilneko]

So why is Android seeing such high malware figures compared to Apple's iOS? Part of the reason, just as for Android's piracy figures, is the open-source nature of Android

LOL.

Implying Open Source leads to malware. Simply not true.

 

[The Artificially Prolonged]

Well that is a little concerning but not unexpected given the large user base of android devices. But I guest people will have to learn to use the same discretion when downloading apps for their phone like when installing software on their computers.

 

[thesilentman]

Malware, hmmmmm? Well, this is what happens when we hand smartphones over to a bunch of monkeys known as teenagers. Sorry, what?

OT- ...Dunno what to say. Open source always carries that risk.

 

[Evil Smurf]

that's what you get for being a filthy pirate. Seriously just buy apps next time.

 

[fenrizz]

that's what you get for being a filthy pirate. Seriously just buy apps next time.

Oh, I see.
Everyone that does not install everything through the app store (or play store) is a filthy pirate?

Trolling or just stupid misinformed?

 

[Yopaz]

I don't think the problem here is the Android platform alone, we have become used to the fact that we should stay away from some sites that look shady, web browsers have become quite secure and sometimes warn us when we enter some sites which have been reported as bad. Avoiding infection on a computer has become part of our internet habits by now. It's only recently we have had to concern ourselves with this on our phones so it's harder to avoid it. I guess for once I am happy that most don't bother to work with Symbian anymore.

 

[Smooth Operator]

That is just a straight up lie, numbers like this do not ever just pop up over night.
It's either a case of scare tactics or their faulty statistics, but most likely a combo of both.
Now be sure to buy your McAfee security package today

And for all the "because it's open source", sorry but you are only broadcasting your blatant technical ignorance, don't comment on shit you never bothered to understand.

 

[UberNoodle]

So how about not installing every bit of junk you see on a site and just stick with what is worthy to be on the store?

 

[Oskuro]

The greatest liability in software security has always been users that are not tech-savvy enough to identify potential threats.

Now, question, what type of user profile is the mobile industry primarily aimed at?


Google needs to step up, and a first action they could take would be to have their built-in malware scanner check everything, not just stuff on their store.

Hopefully, and thanks to the Open Sourceness of the platform, Anti-Virus and Anti-Malware apps will start showing up, including free ones, like on the PC.

 

[Kahani]

Avoiding infection on a computer has become part of our internet habits by now.

Actually, I think that's the main problem. Avoiding infection on a computer should be part of our habits, but most people are either incompetent with computers or just plain stupid. According to this report [http://www.antiphishing.org/reports/apwg_trends_report_q1_2012.pdf], over 1/3 of PCs have malware. Even in the very best countries it's 1/5, and only five countries manage less than 1/4. The average person is simply not able to use computers safely, and there's no reason to expect phones to be any different.

Hopefully, and thanks to the Open Sourceness of the platform, Anti-Virus and Anti-Malware apps will start showing up, including free ones, like on the PC.

They've been around for a while already.

 

[Aeshi]

You'd think being Open Source would decrease infection rates due to each device being more unique but oh well.

 

[SpAc3man]

The problem is people not realising their smartphones can get infected with malware. Same reason why Macs have the highest proportion of Java based malware infections out of all platforms.

Android isn't less secure by itself. It is the user that makes it unsecured. Short of more security software on the phones themselves there isn't much you can do about the risk of installing software from outside the Play Store. Educating users perhaps.

 

[Yopaz]

Actually, I think that's the main problem. Avoiding infection on a computer should be part of our habits, but most people are either incompetent with computers or just plain stupid. According to this report [http://www.antiphishing.org/reports/apwg_trends_report_q1_2012.pdf], over 1/3 of PCs have malware. Even in the very best countries it's 1/5, and only five countries manage less than 1/4. The average person is simply not able to use computers safely, and there's no reason to expect phones to be any different.

True, but I phrased this poorly. What I was meaning to say that even people who have the habit of using common sense in order to avoid getting malware may fall into a trap when they use their phones. I wrote that post too early in the morning to have my thoughts straigt, you have the right of it here.

Malware, hmmmmm? Well, this is what happens when we hand smartphones over to a bunch of monkeys known as teenagers. Sorry, what?

OT- ...Dunno what to say. Open source always carries that risk.

You do realize that there's a ton of malware on Windows, an OS which is not open source, while Linux which is open source only got a few. Open source doesn't carry a risk on its own. Hackers target platforms based on user base. There's also a few conspiracy theories that a lot of it is made by companies making anti-virus software in order to get people to buy their products.

The problem is people not realising their smartphones can get infected with malware. Same reason why Macs have the highest proportion of Java based malware infections out of all platforms.

Android isn't less secure by itself. It is the user that makes it unsecured. Short of more security software on the phones themselves there isn't much you can do about the risk of installing software from outside the Play Store. Educating users perhaps.

You know, I mentioned something along the lines of this in the discussion earlier about the benefits of using Macs. A lot of the comments were that you didn't need to install any software to protect from malware which I think is one of the biggest dangers of using a Mac. There may be less malware, but a lot of it seems to be made with the intention to steal bank/credit card information and practically no-one is protected against it.

I also agree that the realization that phones can get malware isn't widespread either.

 

[Covarr]

700% increase in malware SAMPLES. Not INFECTIONS. That means there are 7 times as many unique varieties of malware in the wild, and says nothing to how many people are actually victims. It could be a 2000% increase in infections, or it could be that more malware is competing for the same share with no increase at all in total infections. Maybe a lot of these are new versions of old malware. We just know how many types there are that McAfee has seen, not how many people have them, or even how compatible they are with each other. Does one malware have to clear another to make room for itself, for example?

You've gotta be extremely careful with charts, and graphs. Read what they say, not what they imply, and don't get suckered by big, shocking numbers like 700.

P.S. Thanks