At the end of last year, security pundits predicted that 2012 would see a continued raise in the number of malicious Android apps and it looks like those predictions are coming true. According to Trend Micro, over 5,000 new malicious Android apps were found in first three months of 2012.
This really isn’t as shocking as it sounds, as Android usage is increasing, with more people using their phones or tablets to surf the web. As such, cyber criminals are increasing their efforts to target this huge Android user base.
“One big reason for the popularity of apps is their ease of use. Browsing the net on your mobile phone is not the same experience as doing it on a laptop… The key thing to remember is to think before you give an app access to your data… If you have any doubts about giving oversensitive information, just don’t do it” wrote Robert McArdle, a Senior Threat Researcher at Trend Micro.
The first three months of 2012 has seen some interesting and novel malware including:
- A fake “Temple Run” app that displayed bothersome ads via notifications
- A fake Russian Google Play site that hosted a malicious premium mobile service app
- A “Plankton” variant was found embedded in various Android apps, which led to the “largest Android malware outbreak ever”
Social networking remains a key way in which malware is spread. The members of the current social networking generation seem to have little concern for privacy and are more likely to reveal personal information online than older users. As such, cyber criminals are abusing this “openness” to effectively spread malware. Using sites like Facebook, Twitter, and Pinterest, which are all used extensively from mobile devices, these hackers use social engineering to trick users into installing apps or visiting malicious websites because the invitation (known as the “bait”) comes from a “friend”.
Remember: Watch what you download and from where you download it. If an offer sounds too good to be true it most probably is!