Android becoming Windows of mobile hacking world?

As by far the most targeted mobile OS in Q2, Android looks like it could become the Windows of the cyber crime world.

Android

Android officially became the most attacked mobile operating system by far in the second quarter (Q2), indicating it is emerging as the Windows of the mobile hacking world.

McAfee data showed the amount of Android focused malware spiked 76 per cent in Q2 of 2011, when compared to Q1.

Of all new mobile malware created in the second quarter, approximately two thirds was aimed at Android. The second most targeted platform was Java ME, with around 12 per cent of new malware aimed at the OS.

The Android malware writing scene is heating up as the season of summer holidays is coming to its end.

Symbian was the third most attacked, whilst BlackBerry was fourth. Neither iOS nor Windows Phone 7 even featured in the McAfee rankings.

In its Q2 threat report, McAfee listed a host of Android malware examples that have tried to infiltrate phones via maliciously crafted apps. One examples was the DroidKungFu family, similar to the notorious DroidDream malware, which was able to install additional software and updates.

The overall number of mobile malware samples has doubled since 2009, with Android emerging as the hackers' pick. Microsoft's Windows has been cyber criminals' top choice for years, so Google will be pressing hard to ensure its OS does not become the mobile equivalent.

Mounting evidence?

Meanwhile, the pile of evidence pointing to Android's popularity amongst cyber criminals has been growing.

Security researchers have picked up on a piece of malware known as Gingermaster, which was discovered in a Chinese alternative Android marketplace.

The malware was spotted hiding within apps offering "Beauty of the day" pictures.

"Apart from displaying the photos, Gingermaster creates a service that steals information from your device, sending it out to a remote website in an HTTP POST request," explained Sophos researcher Vanja Svajcer, in a blog post.

"The information grabbed includes: user identifier, SIM card number, telephone number, IMEI number, IMSI number, screen resolution and local time If the root exploit is successful, the system partition is remounted as writable and various additional utilities installed, supposedly to make removal more difficult and allow for additional functionality."

Svajcer noted how Sophos had recorded a significant spike in Android malware too.

"The Android malware writing scene is heating up as the season of summer holidays is coming to its end," he added. "Last week, we received a record number of samples which are now waiting to be analysed in detail."

Trend Micro this week noted on its blog it saw a 1,410 per cent increase in the number of Android malware samples discovered from January to July 2011.

However, as Trend Micro itself said, malware is not a massive issue for Android users just yet.

"Our researchers opine that we have yet to reach a tipping point where malware becomes the biggest security issue for Android-based device users," said Trend researcher Paul Oliveria.

"The fact that these malicious apps are out there to invade one's privacy, to take control of a device, and to cost users money because of unnecessary billing charges are some things that should be taken seriously though."

Featured Resources

How to scale your organisation in the cloud

How to overcome common scaling challenges and choose the right scalable cloud service

Download now

The people factor: A critical ingredient for intelligent communications

How to improve communication within your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Recommended

What is the Computer Misuse Act?
Policy & legislation

What is the Computer Misuse Act?

2 Mar 2021
AOL users are the target of a new phishing campaign
phishing

AOL users are the target of a new phishing campaign

1 Mar 2021
What is cloud-to-cloud backup?
cloud backup

What is cloud-to-cloud backup?

1 Mar 2021
Lazarus APT hacking group is targeting the defense industry
Security

Lazarus APT hacking group is targeting the defense industry

26 Feb 2021

Most Popular

How to connect one, two or more monitors to your laptop
Laptops

How to connect one, two or more monitors to your laptop

25 Feb 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021
Ransomware operators are exploiting VMware ESXi flaws
ransomware

Ransomware operators are exploiting VMware ESXi flaws

1 Mar 2021