backtop


Print 29 comment(s) - last by JPForums.. on Jun 27 at 10:55 AM

About 92 percent of malware is directed at Android

Keep a closer eye on your smartphones: mobile malware skyrocketed 614 percent over the past year.

According to Juniper Networks' annual Mobile Threat Report, mobile malware grew by 614 percent from March 2012 to March 2013. This equates to 276,259 troublesome apps and vulnerabilities.

The study took a look at about 1.85 million total apps and vulnerabilities in that period of time. This 614 percent was a huge hike from the mobile malware increase of only 155 percent from March 2011 to March 2012. 

About 48 percent of the malware came from SMS trojans, which get users to send text messages to numbers ran by cyber thieves. Another 29 percent came from fake installs, the remaining 19 percent came from Trojan Spy malware. 

There were fake versions of apps that proved to be malicious, and the top imitators were of Angry Birds, Adobe Flash, Google Play and Skype. 


"There's no doubt mobility will continue to be a pervasive and disruptive force across every industry," said Troy Vennon, Juniper Networks Mobile Threat Center director. "We have found that it has created an easy business opportunity for malware developers who are becoming savvy in their approach to quickly turn profits in a rapidly growing market. We anticipate that similar to the evolution of PC-based threats, mobile attacks will continue to increase and become more sophisticated in the coming years."

Juniper Networks added that Android users are the main target of mobile malware, mainly because Android makes up about 60 percent of the smartphone market globally. In fact, the new report says that 92 percent of malware found was directed at Android devices. 

Another reason that Android is a prime target is because users rarely update to the latest software versions of the OS, meaning that they're not receiving the latest security updates from Google. 

Want to stay safe out there? Run software updates on your phones and avoid buying apps from unknown app stores. The same goes for users on any other platform; not just Android.

Source: CNET



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

not so
By juserbogus on 6/26/2013 9:00:28 AM , Rating: 1
quote:
mainly because Android makes up about 60 percent of the smartphone market globally
even when Android didn't, it was still the majority target.




RE: not so
By Gio6518 on 6/26/2013 9:14:52 AM , Rating: 3
Hmmmmm.. IOS has 387 security flaws, compared to Androids 13.... Who's going to be infected first?????


RE: not so
By juserbogus on 6/26/2013 9:34:39 AM , Rating: 2
hmmm.... history shows android.


RE: not so
By testerguy on 6/26/2013 10:08:51 AM , Rating: 2
quote:
IOS has 387 security flaws, compared to Androids 13


[Citation required]


RE: not so
By Cheesew1z69 on 6/26/2013 10:16:27 AM , Rating: 2
Really doesn't take much to find it...

http://www.veracode.com/blog/2013/04/if-ios-is-les...

If you assumed that was because Android was the operating system with the most exploitable vulnerabilities, you would be wrong. In fact, just the opposite is true. It’s Apple’s iOS that was the source of almost all the documented mobile application vulnerabilities among the mobile platforms Symantec monitored, including Android, iOS, Blackberry, Windows Mobile and the like. iOS accounted for 387 of 415 documented vulnerabilities across all mobile platforms – a bit more than 93 percent, found.


RE: not so
By testerguy on 6/26/13, Rating: -1
RE: not so
By anactoraaron on 6/26/2013 11:27:11 AM , Rating: 2
If someone is dumb enough to download a 'free' app from someplace sketchy and bypass the security settings in android to allow them to install a non market third party app and get infected with some form of android malware, then they are getting what they deserve. (this is where most of the android infections come from - third party app sites)

quote:
So it seems like Apple is more secure where it matters (the apps)


That's entirely up to the developers there. Apps can be written to take advantage of the vulnerabilities present in iOS/android, both Google and Apple do the same thing...

1. Approve the app for sale for the store.

2. Once the app is reported by someone to be malicious, remove said app from app/play store.

Neither company does a perfect job of screening apps before allowing their sale...

So you aren't exactly more secure with either platform...


RE: not so
By testerguy on 6/26/13, Rating: 0
RE: not so
By JPForums on 6/27/2013 10:32:52 AM , Rating: 2
Yeah, but the Apple screening process is more in depth. After all, in addition to the basic screening (probably similar to Google's) they also have an internal non-compete requirement to fulfill. Even third party developers that had their product on the market before Apple aren't immune. Wait, what were we talking about again?


RE: not so
By melgross on 6/27/2013 10:26:13 AM , Rating: 2
It's basically irrelevant because it's far harder to exploit this in iOS due to the curated AppStore.
If it were easy, it would be done.

The fact that most phones and tablets used by business and government are iOS devices, and most consumer banking and Internet purchasing are done through iOS should mean that it should be targeted much more often. But as it's far more difficult, it isn't.

Results are what matter, not some useless theoretical weaknesses.


RE: not so
By Gio6518 on 6/26/2013 12:45:48 PM , Rating: 2
RE: not so
By TSS on 6/26/2013 1:23:15 PM , Rating: 1
Any user who's stupid enough to install something from a "third party source". Every time i connect to the internet my damn phone spams me with ads, some of which want to install automatically.

I'd get rid of it where it not that google *removed* all ad blocking software from the playstore. That's right, protection was there, and google removed it cause it might hurt their revenues. AVG doesn't pick up on any threats so i guess "legitimate" malware isn't counted as malware.

Why android will always have so much malware comes from what it was designed to be: It was designed to be a mobile advertising platform. Not a phone, Not a social device or anything like that. It was made to deliver advertising to your pocket.

I've learned my lesson anyway. The next smartphone i'll buy isn't going to run anything from Microsoft, Apple or Google. If this means i won't buy another smartphone, then i'll never have another smartphone. It's mostly a distraction anyway.


RE: not so
By xti on 6/26/2013 10:32:40 AM , Rating: 2
its like back in the days:

"MACs dont get exposed to any virus"

well thats because a virus writer rather have it hit millions of users than 2 dozen.


RE: not so
By testerguy on 6/26/2013 10:51:56 AM , Rating: 2
I think his point was the opposite of what you claim.

Even before Android was the majority platform, it had more viruses.

The real problem is that Google isn't tight enough with apps and the app store - the perceived open nature of Android makes it more of a target.

It's certainly not the case that the iOS market would be any less lucrative than the Android market should someone create Malware which sits on both.


RE: not so
By nafhan on 6/26/2013 11:30:07 AM , Rating: 2
The majority of Android malware is not coming from the official app store. The "problem" is mostly that you can install whatever you want on Android. If you're willing to give up that possibility (the Android default, and your only option on other mobile platforms), the amount of potential malware goes down significantly.

Of course, not blindly trusting random programs you find on the internet will have a similar effect.


RE: not so
By TakinYourPoints on 6/26/2013 3:52:46 PM , Rating: 2
Yeah, it isn't the OS or the vulnerabilities, its the system.

Remove the ability to install apps that haven't been vetted or that don't come from whitelisted sources, let users take back control over OS updates from the carriers, and malware isn't a problem anymore.


RE: not so
By JPForums on 6/27/2013 10:42:03 AM , Rating: 2
I'm definitely with you on the OS updates. They should come straight from the OS maker. You should have full details as to what individual updates do and you should have the choice of which updates to install, rather than just be given a single package that may address security vulnerabilities while also in an unrelated gesture add unnecessary "features"/remove desirable functionality that you'd really rather not have modified.


RE: not so
By Tony Swash on 6/26/13, Rating: -1
RE: not so
By TakinYourPoints on 6/26/2013 3:37:08 PM , Rating: 3
The majority of web traffic, app downloads, and mobile ad revenue (even for Google) comes from iOS. This is because it is only installed on high end smartphones and tablets. Android is the majority on the back of low cost devices that are basically glorified featurephones. The best selling high end Android devices, the GS3 and GS4, are a small fraction of Samsung's total smartphone sales and are still outsold by older iPhones.

The low end market for Android isn't really a huge factor when it comes to malware infections, given that they aren't really used for applications or the internet in the same way that real smartphones are.

The real reason for malware on Android is because users are easily able to run sketchy applications from any source rather than being limited to secure sources that vet applications for malware and maintain whitelists. Malware exists on iOS as well, but it almost all comes from sideloading apps on jailbroken devices.


RE: not so
By TakinYourPoints on 6/26/2013 3:42:29 PM , Rating: 2
Another reason comes down to carriers and manufacturers withholding updates. ICS in particular has massive security improvements that are required for enterprise deployment if security is in any way a concern. These are not present in earlier versions that make up nearly half of all Android installations.


RE: not so
By JPForums on 6/27/2013 10:55:05 AM , Rating: 2
This point is particularly compelling as when ICS was release and security improvements were made know, this also let malware designers know where the pre-ICS android versions were vulnerable. I would say it is disingenuous to compare the security of the most up to date version of one OS to non-updated versions of the others, but in an environment where people don't have access to the most up to date version it becomes a relevant concern. Google, if you don't want to be judged by older versions of your OS with know security holes, you need to take back some of the control over your update process from phone makers.


"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki