Top 4 Malware Threats to Android
Yuval Ben-Itzhak, CTO of security vendor AVG Technologies , says that once Android achieved around 10 percent market share, criminals began to see it as a moneymaking opportunity. Its popularity, coupled with the fact that it's written in Java, made it an easy and desirable target.
"Android simplified life for app developers, but also for malware developers," Ben-Itzhak says. They can run their software on top of a Java simulator, allowing it to infect any number of Android devices, regardless of the OS version or hardware type.
As the problem grows, wireless operators are starting to pay more attention to mobile security -- as a way to both protect their customers and make money selling into enterprises. Even so, Juniper Research Ltd. says that currently less than one in 20 smartphones and tablets have third-party security software installed in them. (See SK Telecom Chooses Fortinet for LTE Security, AT&T & Sprint Want More Security for Mobile Users and T-Mobile Makes Good on Enterprise Security for Android.)
Light Reading sister publication InformationWeek outlines the eight most notorious Android malware attacks and five ways to fight them. But we wanted to find out, more generally, what's got Android bugging out.
Here are the top four threats to Android. Consider yourself warned.
1) Spyware apps: Juniper Research Analyst Nitin Bhas says that most malware targeting Android are spyware apps that can harvest a user's private data. These apps can record and export SMS messages, emails, call logs, GPS and more, adds Symantec Corp. (Nasdaq: SYMC) Director Con Mallon.
What's more, some Android apps like Tapsnake and Flexispy, can record phone calls and turn on a phone's microphone.
2) Rogue applications: Rogue apps have become one of the trendiest forms of malware, according to AVG's Ben-Itzhak. For example, a criminal could download Angry Birds, reverse back the binaries into the source code and inject a few lines of malicious code into the game. It looks the same as the original, but once a user reaches a certain stage, it triggers the phone to send an SMS to a premium number.
"An attacker uses this to generate revenue by first setting and registering a premium rate number," adds Mallon in an email to LR Mobile. "Then, the attacker infects mobile devices with malware designed to covertly call or send an SMS message to this number."
The result of this discreet process is the device owner is billed a premium charge on their monthly statement that goes to the hacker, provided they don't notice the up-charge. Mallon says that most carriers allow a premium rate of up to $10 per message, but some allow charges of $50 per message or more.
3) Phishing attacks: Mobile commerce is on the rise, bringing with it a number of security threats. Bhas says that Web- or email-based phishing attacks in which criminals steal banking or other sensitive user data are becoming more common on Android. For example, malware may replace a shortcut to online banking, so that it appears that a user is going to the Bank of America site, but he or she is actually going to a phishing site that looks identical in appearance.
"When you log in, the hacker is doing it in parallel," Ben-Itzhak explains. "You are both interacting with the bank account. This is emerging, and for individuals, it's very scary."
4) Phony in-app promos: Most in-app advertising is annoying, but it can also be dangerous. According to Mallon, apps that encourage the download of additional software without disclosing its exact third-party location are a new vector that Symantec is tracking on Android. The apps that are being promoted don't have user views or security measures in place like those in the official market should.
"This type of in-app advertising abuse makes it difficult for traditional antivirus signature detections to keep up, meaning more advanced detection technologies, such as reputation-based security, need to be leveraged on mobile devices just as they are on PCs," Mallon says.
— Sarah Reedy, Senior Reporter, Light Reading Mobile