Security analysts firm Trend Micro has recently reported that incidences of Android malware have quadrupled since the start of 2012. Android malware had already been growing at an alarming rate in 2011, but Trend Micro states that the number of Android malware samples it has uncovered has risen from 6000 in Q1 to 25,000 in Q2 – and it expects this figure to rise to an unprecedented 129,000 by the fourth quarter of this year.
Due to the open nature of the operating system, Android users face a much greater risk of installing malware than users of other platforms, such as iOS on the iPhone, Windows Phone or the BlackBerry OS. As smartphones are becoming more popular, they are increasingly becoming the target for internet fraudsters as they are less protected than personal computers which have had to deal with these problems for years – and have thus built up better defences.
The most common type of Android malware infects a user’s phone and then then covertly sends premium rate SMS messages, racking up a huge phone bill for the unfortunate victim. While this is the most common type of threat, it is by no means the only one.
The majority of malicious Android apps appear to be downloaded from third party app websites, often under the guise of providing free versions of premium apps from Google Play. But due to its lack of vetting for new apps submitted to Google Play, an increasing number of malicious apps are making their way onto the official Android app store. Earlier this year, 17 malicious apps were uncovered on Google Play which had been downloaded more than 700,000 times.
Malware is often contained in fake versions of highly popular apps and games, such as Draw Something and Angry Birds. While a number of antivirus apps exist for Android, which all Android users should consider using to keep themselves protected, malware has even been found in fake antivirus apps.
Just last month the “Android Security Suite Premium” app was found to contain a variant of the Zeus Trojan, which generates money for criminals by stealing SMS messages and mobile transaction authorisation numbers (mTANs) sent from banks.
This week Microsoft Cyber Security expert Terry Zink uncovered a botnet program that has hijacked Yahoo Mail accounts on Android phones. This is the first known instance of botnet attacks on smartphones. A botnet will hijack a large number of devices and then use these to distribute spam emails, steal personal data or engage in click fraud.
While relatively less painful for the victim compared to having their bank details stolen, the existence of the Yahoo Mail botnet shows that smartphones, and particularly Android smartphones, are increasingly being targeted for all sorts of criminal activities with potentially serious consequences for victims.
Zink suggests that this botnet was either contained within a malicious app, or possibly a fake Yahoo Mail app, but those who have been infected by it are likely to have obtained the malware from a third-party online app depository. With Android malware likely to become a much more serious problem in the coming months users are advised to stick to Google Play, use their common sense when downloading apps and accepting app permissions, and to not risk losing the entire contents of their bank accounts for the sake of saving a few dollars on popular premium apps offered for free online.