Android becoming Windows of mobile hacking world?

As by far the most targeted mobile OS in Q2, Android looks like it could become the Windows of the cyber crime world.

Android

Android officially became the most attacked mobile operating system by far in the second quarter (Q2), indicating it is emerging as the Windows of the mobile hacking world.

McAfee data showed the amount of Android focused malware spiked 76 per cent in Q2 of 2011, when compared to Q1.

Of all new mobile malware created in the second quarter, approximately two thirds was aimed at Android. The second most targeted platform was Java ME, with around 12 per cent of new malware aimed at the OS.

The Android malware writing scene is heating up as the season of summer holidays is coming to its end.

Symbian was the third most attacked, whilst BlackBerry was fourth. Neither iOS nor Windows Phone 7 even featured in the McAfee rankings.

In its Q2 threat report, McAfee listed a host of Android malware examples that have tried to infiltrate phones via maliciously crafted apps. One examples was the DroidKungFu family, similar to the notorious DroidDream malware, which was able to install additional software and updates.

The overall number of mobile malware samples has doubled since 2009, with Android emerging as the hackers' pick. Microsoft's Windows has been cyber criminals' top choice for years, so Google will be pressing hard to ensure its OS does not become the mobile equivalent.

Mounting evidence?

Meanwhile, the pile of evidence pointing to Android's popularity amongst cyber criminals has been growing.

Security researchers have picked up on a piece of malware known as Gingermaster, which was discovered in a Chinese alternative Android marketplace.

The malware was spotted hiding within apps offering "Beauty of the day" pictures.

"Apart from displaying the photos, Gingermaster creates a service that steals information from your device, sending it out to a remote website in an HTTP POST request," explained Sophos researcher Vanja Svajcer, in a blog post.

"The information grabbed includes: user identifier, SIM card number, telephone number, IMEI number, IMSI number, screen resolution and local time If the root exploit is successful, the system partition is remounted as writable and various additional utilities installed, supposedly to make removal more difficult and allow for additional functionality."

Svajcer noted how Sophos had recorded a significant spike in Android malware too.

"The Android malware writing scene is heating up as the season of summer holidays is coming to its end," he added. "Last week, we received a record number of samples which are now waiting to be analysed in detail."

Trend Micro this week noted on its blog it saw a 1,410 per cent increase in the number of Android malware samples discovered from January to July 2011.

However, as Trend Micro itself said, malware is not a massive issue for Android users just yet.

"Our researchers opine that we have yet to reach a tipping point where malware becomes the biggest security issue for Android-based device users," said Trend researcher Paul Oliveria.

"The fact that these malicious apps are out there to invade one's privacy, to take control of a device, and to cost users money because of unnecessary billing charges are some things that should be taken seriously though."

Featured Resources

The ultimate law enforcement agency guide to going mobile

Best practices for implementing a mobile device program

Free download

The business value of Red Hat OpenShift

Platform cost savings, ROI, and the challenges and opportunities of Red Hat OpenShift

Free download

Managing security and risk across the IT supply chain: A practical approach

Best practices for IT supply chain security

Free download

Digital remote monitoring and dispatch services’ impact on edge computing and data centres

Seven trends redefining remote monitoring and field service dispatch service requirements

Free download

Recommended

Eight steps to fight ransomware
Whitepaper

Eight steps to fight ransomware

28 Sep 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
The state of ransomware in retail 2021
Whitepaper

The state of ransomware in retail 2021

23 Aug 2021
McAfee Total Protection review: Quick, effective and affordable
antivirus

McAfee Total Protection review: Quick, effective and affordable

23 Aug 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021