Virtually all new mobile malware is aimed at Android
The worldwide malware situation is getting worse and Android isn’t immune! According to the McAfee Threats Report: Second Quarter 2012, Q2 saw the biggest increase in all types of malware in the last four years. Over the period, 1.5 million new pieces of malware were detected and new mobile threats have been discovered including ‘drive-by downloads’ aimed at Android phones, the use of Twitter to control mobile botnets, and the appearance of mobile ‘ransomware’.
Android users need to remain vigilant. Q1 2012 saw a mobile malware explosion and now virtually all new mobile malware detected is aimed at the Android platform. These malicious apps, which are often distributed by third party app stores, include SMS-sending malware, mobile botnets, spyware, and destructive Trojans.
“Attacks that we’ve traditionally seen on PCs are now making their way to other devices. For example, in Q2 we saw Flashback, which targeted Macintosh devices and techniques such as ransomware and drive-by downloads targeting mobile. This report highlights the need for protection on all devices that may be used to access the Internet,” said Vincent Weafer, senior vice president of McAfee Labs.
The drive-by download mentioned by McAfee is known as Android/NotCompatible.A, which I reported on back in May. Similar to drive-by installs on the PC, the malware automatically starts downloading to a victim’s device just because they visited an infected web page. But because the malware claims to be a system update, it is likely that unsuspecting users will happily install it.
The use of sophisticated fake download sites is also on the rise and spotting malware and scam pages is becoming more difficult. According to F-Secure, attackers have begun to move away from crude-template based page designs and have upped their efforts to perfect the fake web pages, making them look and feel more legitimate, in order to trick more victims. Recent fake web sites offering downloads for Skype and Chrome easily look and feel like valid pages from the respective companies.
Trend Micro has also spotted an alarming increase in the number of malware apps in Google’s official Play store. During August, the company discovered a number of apps carrying the ‘Plankton’ virus. The Plankton virus was first discovered by North Carolina State University and led to what was called the largest Android malware outbreak ever. Between August 19 and August 25, Trend Micro found 46 apps in Google Play which carried the malware.
All these statistics can sound quite alarming; in fact, this never ending onslaught of malware has caused McAfee to draw a parallel with the punishment of Sisyphus, the king in Greek mythology who was punished by being forever forced to roll an immense boulder up a hill, only to watch it roll back down again. And as McAfee put it, “the boulder is getting heavy.” However you can protect yourself:
- Almost all (>99%) malware infected Android apps are distributed via untrusted third party app stores. Only download apps from trusted sources like Google Play and the Amazon Appstore.
- Always check the reviews and comments left by other users.
- Check which permissions an app requests. Games hardly ever need to send SMS messages, so beware!
- Download a security app for your device.
What do you do to protect your Android device?