I’ve never been affected by any serious malware or virus’ on my Android phone, despite rooting, playing with custom ROMs, and installing the occasional APK downloaded from outside of the Google Play Store. But still the statistics come pouring out decrying that Android is infested with malicious apps and security threats.
Personally I’m in total agreement with Simon Hill; sensible and cautious Android users don’t have anything to worry about. But regardless, let’s have a look at the latest statistics from security experts F-Secure; who of course don’t have an ulterior motive for publishing these statistics, like selling anti-virus software for instance.
Shockingly, Android accounted for 79% of all malware attacks in 2012 according to F-Secure, up from 66.7% in 2011 and 11.25% in 2010. Clearly there appears to be a prevailing trend towards targeting Android, no doubt as a result of the operating system’s growing popularity and open-source accessibility.
iOS, Blackberry, and Windows operating systems on the other hand each received less than 1% of all malware attacks in 2012, which is a pretty massive difference from Android. Ok, but what exactly are we installing which is causing Android so many problems?
We can see that the majority of the malware is coming in the form of Trojans; malware which gains unauthorized access to your device whilst appearing to perform something altogether more desirable. This could be an app which secretly steals and transmits personal information, or a game which tries to install other more malicious applications without your consent. Trojan’s can appear from a large number of sources, including security flaws in web browsers, so it’s not just suspicious apps on the Play Store causing problems.
Other security threats make up much smaller percentages; actively dangerous applications only makes up 1.7% of all threats, and adware accounts for a tiny 2.7%, which is surprising considering Android’s reputation for dodgy advertisement spammed applications.
F-Secure also stated that 21 of the 96 Android threats it identified in Q4 of 2012 came from premium SMS services. These encourage users to rack up additional SMS charges and sometimes even sign unwitting users up to subscription services. It backs up this claim by noting that malware attacks are becoming more and more financially motivated.
Profit-motivated malware attacks now account for substantially more threats than the previously dominant non-financially motivated ones, which could be due to the fact that we are putting far more financial information on our devices than ever before. A problem which could be made worse by the numerous wallet apps being pushed out by developers.
Although these statistics look bad, it’s worth remembering that F-Secure’s definition of malware might be quite different from yours or mine. For example, does an app qualify as malware simply because it requires root access, and therefore could theoretically be a security threat?
I recommend you take this data with a pinch of salt, after all F-Secure certainly has a vested interest in convincing us all that evil is just a click away. Just install a decent free anti-virus app if you’re really that concerned, and relax.