A new age of malware for Android users

Allan Swann
January 29, 2013

It would appear that the golden era of smartphone safety is coming to an end, as the criminal element moves its focus away from the dying PC market and on to the smartphone market.

It makes a lot of sense – smartphone users are very naive when it comes to security, and vast swathes of the market are not particularly tech savvy. The smartphone and the tablet are mainstream devices with little history of security problems – which is also part of its appeal.  While this appears to be a harsh new reality that smartphone users (especially in the corporate environment) will soon have to come to grips with, there are still those that believe that the anti-virus companies are simply trying to create a new market to exploit.

Trend Micro’s annual security report makes for grim reading – malware targeting Google’s Android platform increased from just 1000 threats at the beginning of 2012, to 350,000 by year end. This  shocking acceleration in malware growth means that it has taken Android less than three years to  reach the volume of malware that it took 14 years for the PC  to reach.

This is far in excess of Trend Micro’s own predictions, which was for around 10,000 more apps to come online per month across 2012. It had pegged 45,000 in September – it had already hit 175,000 by then.

Given that IDC is now estimating that 75% of all smartphones sold are running Android, its pretty obvious that in the eyes of the criminal element Android is the new PC. Given that in the post-PC era Windows is fading as the mainstream users’ key platform of choice for accessing the internet, this makes perfect sense.

The two major assaults have come from what Trend Micro calls ‘premium service abusers’ and high risk apps. The first relates to threats that trick users into subscribing to services that add to users bills. The second is more conventional, these are threats that hack into your phone to acquire sensitive data without the users consent.

Much of this has been spread by ‘fake’ apps – that is, knock off apps that look (to the casual eye) the same as the real thing. The scary thing is, in the wild west that is Android, much of this stems from ‘legitimate’ ad companies, rather than the Russian gangster stereotypes of viruses that plague the home PC. According to Trend Micro’s report, companies like Airpush are using adware to get their clients ads clicked on, with users often non the wiser. Whether you determine pop up ads to be ‘malicious and dangerous’ is up to you.

One of the most popular ‘fake apps’ running around is the fake version of Whats App, the popular texting program. It has been popping up on Facebook, but the link leads users to a page that gives the fake app permissions to access features on your phone. The most popular social engineering links in the last quarter also had a UK link, as the London Olympic games were regularly used to lure users to dodgy parts of the internet. It was joined by Obama, iPhone 5, World of Warcraft and 9/11.

Trend Micro estimates that just 20% of Android users have an anti-virus or other security measure installed on their phone. Even scarier, Trend Micro is predicting that by the end of 2013, there will be 1 million threats.

Much of this has been spread through Java (which is on almost every platform), which now makes Steve Jobs’ moves to remove Java capabilities from iOS and MacOSX seem pretty sharp. Despite Trend Micro’s evidence against Android, Apple remains relatively unscathed. The sad fact is that the company’s locked down App store (which limits flexibility and control for the user) is actually proving to be a boon – apps have to be verified by Apple personally before they’re allowed on the App Store and this is obviously filtering out a lot of these app based attacks.

About the Author

Share this article