Android Malware Continues to Grow

There are many players in the mobile device landscape, with Apple iOS, Google Android, Blackberry and Windows Phone all competing for market share. When it comes to malware, however, one vendor is the clear leader — Android.

According to the new 2013 Mobile Threats Report from the Juniper Networks Mobile Threat Center, 92 percent of mobile threats are now targeted at Android. That’s up from 47 percent in 2012.

“That’s an incredible number and it shows not only where attackers are finding opportunities, it shows where attackers are finding ways to make money, and that’s why they are focusing on Android,” Michael Callahan, vice president of global security product marketing at Juniper, told eSecurity Planet.

Inside that Android malware base, 73 percent of all attacks are from some form of fake installer. In a fake installer attack, the android user goes to a mobile app store that is different than the default Google Play store. Juniper found at least 500 such non-Google Play app stores that were all serving fake installer-based mobile malware.

“The fake installers are dominant because the attackers can make so much money from them,” Callahan said.

With the fake installer attack, a user goes to a non-Google Play store and downloads an app they want. In addition to whatever app the user intentionally wants to install, the app store is also placing a fake installer on the mobile device, which can often leverage Android’s SMS features.

With Android’s SMS, users are able to send a message that can be used for legitimate charitable donation purposes. The fake installers abuse that SMS functionality, sending donation payment SMS messages to the attacker, who is then able to collect the money.

“We reverse-engineered one of the fake installers and found that the attacker was making $10 per SMS message,” Callahan said.

What Can You Do?

While the prospect of being infected by mobile malware that sends paid SMS messages out without user authorization is frightening, there is a simple fix.

In Juniper’s research, the vast majority of malware was found in non-Google Play app stores. While Callahan noted that some malware can and does land in Google Play, it is a rare occurrence.

“Where users get into trouble is when they visit one of the 500 non-Google Play app stores, because they feel more aligned with them for some reason,” Callahan said.

That alignment could be due to language or regional issues as well as cost.

“If users go the legitimate route, the chance of something bad happening is pretty slim,” Callahan said. “It’s similar to what we’ve all been taught to do with email: You just don’t click on stuff from people you don’t know.”

Sean Michael Kerner is a senior editor at eSecurity Planet and Follow him on Twitter @TechJournalist.

Latest articles

XDR Emerges as a Key Next-Generation Security Tool

Corporate networks are complex, and so is the myriad of cybersecurity solutions that protect them. Trying to manage all the security tools in a...

Best Encryption Tools & Software for 2020

Enterprises can invest in state of the art threat defenses like next-gen firewalls, microsegmentation and zero trust tools, but even the very best tools...

SASE: Securing the Network Edge

Dramatic growth in Internet of Things (IoT) devices and external users have forced IT departments to move storage and processing functions closer to the...

Kaspersky vs. Bitdefender: EDR Solutions Compared

Kaspersky and Bitdefender have very good endpoint security products for both business and consumer users, so they made both our top EDR and top...

Related articles


Please enter your comment!
Please enter your name here