A recent survey has concluded that mobile malware continues to rise at an accelerated rate. The smartphone operating system (OS) seeing the most malware action? Google's Android.
In AugustDigital Journalreported security company McAfee said Android has the most malware and malicious attacks and, based on a new report issued from Juniper, it appears this figure continues to rise, at a rate Juniper describes as "exponential."
In the report, released Nov. 15, Juniper said since July 2011 there has been a 472 percent increase in Android malware samples. The probable reason? Develop apps written for the Android OS.
Juniper said in their blog, "These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications. With no upfront review process, no one checking to see that your application does what it says."
While applications can be removed after it has been discovered they are malicious, by then the damage has been done, and that's even if someone reports it. If no users report the application, the malware can continue to infect Android users.
Smartphone malware has become more sophisticated in nature, and most of them target communications, location or other personally identifiable information. The two largest known infection threats fall in the categories of 'Spyware', which ranked at 55 percent, and 'SMS Trojan' which garnered 44 percent, said Juniper. The latter sends SMS messages, without the user's knowledge, to premium rate numbers which net the attacker money; unfortunately most of these numbers are anonymous, so affected users often have no recourse to get their money back.
Perhaps this statistic is not all that surprising being that it was recently discovered that Android now accounts for half of all mobile sales. It is not uncommon for market leaders to be the most affected by malware because the payoff is larger for those creating the tainted apps. Consider the level of malware created that targets Microsoft's Windows product. Windows, by far, is more frequently targeted by malware when compared to other, less populated, operating systems (OS).
Computerworld reported Dan Hoffman, Juniper's chief mobile security analyst and a member of the company's global threat center said in an interview, "We're seeing a mix of the traditional hacking community [working] on malware very similar to organized efforts on the PC side, as well as people who are just a little smart, the '15-year-old kid crowd,' who are able to hide some malicious content in an app."
The problem seems to be rooted in the fact that Google doesn't police its available applications nor keep applications in its own distribution channels. If Google were to initiate restrictions in applications this could provide a higher level of security and bring down the percentage of infected Android devices. Competitor Apple is more restrictive and is seemingly not seeing the explosive increases in malware that Google's smartphone OS is seeing.
While this may help, user action and behavior is important too.
Hoffman also emphasized user responsibility, stating, "No matter what policies an app store may have, the real way is to protect a device is to protect it with security software," Hoffman said. "You have to protect your mobile devices just like you protect your PCs."
Mobile malware is likely not going to decrease in attempts because the rapid growth of mobile is projected to continue. As increased use of mobile to connect to the Internet occurs, users can probably expect to see increased levels of exploits.