Mobile security

Android's Still a Malware Magnet

Even after several years on the market and continuous software updates and security patches, Android appears to be a major target for cybercriminals.

Android accounted for 60 percent of the infections that infiltrated mobile devices in the third quarter, according to new research from Alcatel-Lucent (NYSE: ALU)'s Kindsight Security Labs division. That compared to the less than 1 percent of infections that attacked iPhones or BlackBerrys. The remaining devices were Windows computers tethered to the mobile network via a phone.

In general, malware infections of mobile networks have grown 20 percent in 2013, the report says. In the third quarter, 0.6 percent of devices were infected, versus 0.52 percent in the first quarter, but the infection rate was more than 1 percent only on Android devices. (See: Alcatel-Lucent Unveils Motive Big Network Analytics Solution.)

Alcatel-Lucent put out its findings one week after F-Secure Corp. reported finding 259 new mobile threat families and variants of old ones in the third quarter of this year. Of those, 252 attacked Android, compared to seven that infected old Symbian devices. (See: F-Secure Finds 252 New Android Threats.)

I admit I didn't realize the Android malware issue was still such a big issue. The potential for wrongdoing has been a criticism of its open ecosystem since day one, but it appears the hackers and cybercriminals are innovating just as fast as Android is on its operating system.

A lot of times, the infections are brought on by user error -- downloading a nefarious app, unlocking a device, or updating to insecure software. The wireless operators are stepping up to help address the issue, which can hurt the customer experience or even their networks. It can also be a revenue generator, which is another big reason they're interested.

AT&T Inc. (NYSE: T), for example, has begun bundling in Lookout mobile security software with all its Android smartphones and tablets. It will get a cut of the profits for each customer who upgrades from the free app to the premium version, and its customers don't have to feel insecure about using an Android.

This, along with the more network-centric aspects of security, will be the focus of our live chat tomorrow, as well as the Mobile Network Security Strategies conference next month in New York. Plan to join us right here on our Live Chat Message Boards at 11:00 a.m. EST/8:00 a.m. PST, but consider logging in from your computer and not your Android phone.

— Sarah Reedy, Senior Editor, Light Reading

Interested in learning more on this topic? Then come to Mobile Network Security Strategies, a Light Reading Live event that takes place on December 5, 2013 at the Westin Times Square Hotel in New York City. For more information, or to register, click

Page 1 / 2   >   >>
Kruz 11/15/2013 | 1:43:15 PM
Re: Open means vulnerable? Yes. Fragmentation was always a set back for Android. And even though the numbers of malware out there are still low, the smartphone infection is damaging as your smartphone might have a wallet with mobile money connected to air time for example. Smartphone malware should be carefully monitored.
Sarah Thomas 11/15/2013 | 12:13:00 PM
Re: Open means vulnerable? That's true that criminals go where the money/eyeballs are, and Android is where it's at. I think the open nature of it used to be a bigger issue. Also, good point about the outdated OSs. I think that falls under the user error category. If you root the phone or don't keep it updated, it becomes more susceptible. 
Kruz 11/14/2013 | 11:54:31 AM
Re: Open means vulnerable? Open does not mean vulnerable.

With a worldwide market share of 81.9% for Android, compared to a 12.1% for IOS, Android is much more prone to malware (97.2% of Q3 infections).

This is a direct side effect of being successful, as the OS generates interest for malware developers as well as for Antivirus makers(yes, we all know from where some malware originate)

And this is nothing new - when comparing Windows to Linux in terms of malware, the numbers are ridiculously distant while Android's is based on Linux.

One thing to be mentioned that drives malware infections on Android is the fragmentation that exists in the Android world and the level of control Android gives to user:

- 2.3 for example, which is an aging Android revision, is still very popular even now when the version 4.4 is out

- Rooting your Android Device gives certainly more to users but increases the risk of malware
MordyK 11/14/2013 | 10:26:37 AM
Re: Open means vulnerable? LR apparently no longer highlights links. clickon the words "this article"
Sarah Thomas 11/14/2013 | 10:14:24 AM
Re: Open means vulnerable? Don't see the article, Mordy.
Sarah Thomas 11/14/2013 | 10:13:52 AM
Re: 0.6% a big issue? Sure, the numbers are low, but I think the fact that malware attacks on Android are growing, whereas other mobile OSs haven't been infected, is concerning. It at least warrants exploring why Android is so much more vulnerable.
pdonegan67 11/14/2013 | 8:56:22 AM
0.6% a big issue? I don't think I'd describe a mobile device infection rate of 0.6% as a big issue.

I think 99.4% of mobile devices not being infected is a remarkable achievement, due in large part to the investments that a lot of operators have made in network security infrastructure and device software to deal with a lot of this malware. But for that the infection rate would undoubtedly be a lot higher.

Consider the 11% infection rate in home networks (PCs etc) cited in the same Alcatel-Lucent/Kindsight report, of which more than half are termed "high-level threats such as a bots, root-kits, and banking Trojans".

The data shows the mobile device infection rate inching up from 0.5% in Q1 to 0.6% now. I'd say big congratulations to the mobile ecosystem as a whole for keeping it so low so far. There are increasingly testing times ahead as LTE scales up and new IP interfaces and protocols expose the mobile network still more but sofar: good job.
MordyK 11/13/2013 | 8:13:58 PM
Re: Open means vulnerable? No opinion here but I'll add this article as a counterpoint
Sarah Thomas 11/13/2013 | 5:10:55 PM
Re: Open means vulnerable? I was going to disagree, but then remembered i had an Android for 6 months and never downloaded any security apps... I think it's a good call to bundle Lookout for AT&T. The problem, I've heard, is that the free app is so good, not a lot of people upgrade to premium. I wonder if it'll end up being a good source of revenue for AT&T.
Phil_Britt 11/13/2013 | 5:07:17 PM
Re: Open means vulnerable? The important element here is that if users are being entrusted to handle security, they won't. They're just to lazy to use secure passwords or to download apps from unknown sources.

So bundling security as part of an app forces the user to practice "safe mobile use" to a point. The Apple products have also avoided NFC so far, and that can be unsafe unless secured in the cloud, rather than at the user level.
Page 1 / 2   >   >>
Sign In