Skip to main content
  1. Home
  2. Mobile

Is Android becoming the Windows of mobile malware?

By
android virus
Image used with permission by copyright holder

Juniper Networks is raising eyebrows in the mobile industry this morning with a new report claiming the incidence of malware targeting Android devices has risen by 472 percent since July of this year. Presumably, that number is augmented by “hundreds” of malware samples the company uncovered in a series of third-party Russian app stores. Juniper describes the Russian malware cache as just the “tip of the iceberg,” believing there may be thousands of more malware apps waiting to be discovered.

Although many security firms still characterize the threat of mobile malware as relatively low, it’s important to know that those firms are generally comparing the number of threats faced by Android and other mobile operating systems to the those faced by Windows — which is the absolute king of malware, assaulted by hundreds and even thousands of new trojans, worms, exploits, and variants every day. Saying a platform faces a low threat compared to Windows isn’t saying much at all.

Recommended Videos

But Juniper’s figures highlight the growing threat of mobile malware, particularly on Android. How do Juniper’s numbers hold up, what’s to blame for rising Android malware, and how can Android users protect themselves and their devices?

Juniper’s figures

Juniper Networks Android Malware infographic Nov 2011
Image used with permission by copyright holder

According to Juniper Network, the amount of malware targeting Android has jumped by 472 percent since July, punctuated by very sharp increases in October and November. Juniper says they were seeing steady increases in the amount of Android malware they intercepted in July and August, which saw incidence rates increase by 10 and 18 percent, respectively. However, in September Juniper intercepted more than double the amount of Android malware it had in July (up 110 percent) and that figure jumped to either 111 or 171 percent from October 1 through November 10. (See Juniper’s infographic for more detail—the infographic claims a 111 percent increase most recently, But Juniper’s text says 171 percent.)

The figures echo similarly alarming percentages from other security vendors. This summer, Trend Micro claimed the incidence of Android malware had increased 1,410 percent from January to July 2011. It published an infographic, too.

Curiously, Juniper provides no hard figures to accompany its percentages, so it’s difficult to know what those percentages mean in absolute terms. It would be nice to compare the number of malware apps out there (and their interception rates) to the number of available Android apps or the number of apps distributed over the same period of time. After all, if a small town of 5,000 people had one serious traffic accident in 2010 and then two serious traffic accidents in 2011, the rate would be up by an alarming 100 percent! However, number of accidents in proportion to the number of drivers — let alone the number of hours driven in the town during the year — would still be very, very low. Juniper Networks does describe the cache of Russian malware it found as “hundreds” of apps, but it’s not clear if those are included in the firm’s 472 percent increase, and offers no other hard figures.

Symantec and Kaspersky similarly offer percentages for recent increases in Android malware, but seem to withhold hard figures — or, at least, I haven’t been able to find them. McAfee is slightly more helpful: In August it reported a 76 percent increase in malware targeting Android during the second quarter of 2011, and gave a specific number of threats it had identified: 44. Just this week, McAfee described the total number of malicious apps in the wild as “approximately 200“—and that’s across all platforms, including Symbian, Java ME, Windows Mobile, iOS, and others.

The number of apps available on the Android Market stands at about 350,000. Although the total number of threat apps is never truly known — even to security researchers — the alarmingly large percentage figures from Juniper and McAfee do seem to suffer from a bit of the small-town problem. Despite some high-profile malware removals from the Android Market (like DroidDream trojans earlier this year),  in absolute terms, Android malware still a very small portion of the broader Android software ecosystem.

Types of Android malware

There does seem to be basic agreement on the types of Android malware out there. The bulk acts as spyware and tries to steal personal data, including contacts, location, personally identifying information email, messages, and data stashed in log files and other areas of the device. Spyware can also potentially control an Android device, meaning it could place calls, send messages, restart apps, disable locks, control vibrate alerts, and (of course) access the Internet to send collected data to the malware authors — or download and install new malware packages.

Spyware represents a bit of a longer-term game for malware authors: They’re hoping they’ll get usable (and sellable) information by keeping an eye on users’ phones, and they’ll make their money selling collected email addresses (and potentially financial information) to spammers and cybercriminals.

One form of Android malware that has immediate payoff for malware authors is are SMS Trojans: apps that appear to do something fun or useful, but in the background send SMS messages to premium rate numbers — the same way many voting competitions, music and ringtone services, and other businesses collect money via text messages. Once those messages are sent, the malware authors have their money, and consumers don’t have much (or any) recourse. The bulk of Android malware apps Juniper says it found in Russian third-party Android markets are SMS Trojans.

Pointing fingers

So even if malware isn’t quite overrunning the ecosystem yet, where is all this malware coming from? Security firms seem to pretty squarely place the bulk of Android malware at the feet of cybercriminals who used to target Java ME and Symbian phones. As those platforms have declined, they’ve moved along to Android, which enables them to leverage some of their working knowledge of Java and is also, conveniently, now the world’s hottest-selling smartphone platform.

In terms of distribution, security firms all agree that third-party Android app stores run a higher risk of malware than trusted sources. A number of Android exploits have been distributed via third-party app stores in Russia and China — heck, one Chinese example of Android malware uses a public blog as its command-and-control center. The appeal of these app stores in their respective markets is obvious: They use local languages, and their selection of apps and new items is going to be much more in tune with local culture than the broader Android Market. Nonetheless, most of those app stores are completely unregulated and unmonitored: Almost anyone can upload anything, safe or not.

That doesn’t let Google’s Android Market off the hook. Although McAfee recommends Android Market specifically as a trusted source for safe Android apps, other security outfits aren’t so kind. Juniper in particular rips into Google’s management of the Android Market:

“These days, it seems all you need [to upload malware to Android Market] is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications,” Juniper wrote in its blog. “With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include.”

Google famously does not review submissions to the Android Market, or require code-signing by a trust authority, although developers must at least code-sign with self-signed certificates. Although Google will remove malicious apps once they’re discovered, realistically that can’t happen until the apps have victimized users.

Staying safe

Android users can take some basic steps to keep their devices and their data safe. Good tips include:

  • Disable the “unknown sources” option for installing apps in the Android device’s Applications Settings menu. This will help prevent users from inadvertently installing software when, say, accidentally following a malware link in an SMS message, spam, or social networking site. It will also keep the device out of most third-party Android app stores, which seem to be a prime distribution vector for Android malware. However, this may not be an option if users need to sideload custom Android apps for, say, business or work purposes.
  • Research apps before downloading or buying them. Try to stick with apps that have broad third-party recommendations and come from reputable publishers. Check both an app’s and publisher’s ratings.
  • Carefully check app’s permissions. When you install an app, Android will present a list of hardware and software components that the app wants to access, including things like location data, a device’s camera, the Internet, storage, system tools, MMS/SMS, and making phone calls. If the requested permissions don’t seem reasonable, don’t allow the app to install. For instance, a game probably doesn’t have any need to access your contacts, and a photo organizer doesn’t need to send SMS messages.

Makers of security and antivirus software will, of course, recommend users download, install (and, hopefully, purchase) antivirus software for Android. However, the jury seems to be out on how useful security and antivirus apps are for Android — at least at the moment. A new study from AV-Test (PDF) finds that almost all free Android malware apps don’t offer significant protection against existing Android malware. Paid Android security packages from F-Secure and Kaspersky fared better, but only managed to detect about half the installed threats tested by AV-Test, although they did very well with blocking malware installation.

The most important thing is probably to be aware that there is malware for Android, and let common sense be your guide. If an app seems to good to be true, it might just be carrying a hidden payload that’s after your money and personal information.

Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Best Fitbit deals: Save on Versa 4, Charge 6, and Sense 2
The Fitbit Sense 2 in moss.

One of the best fitness trackers is a great way to up your workout, though they can get expensive. Even with the current Apple deals, Apple Watch deals, and Samsung Galaxy Watch deals things can get a little expensive. Fitbit is a good fitness tracker brand to turn to if you’re looking for affordability. It has a great lineup of options, and Fitbit watches are almost always seeing a deal. In fact, right now Fitbit deals make for some of the best smartwatch deals you can shop. Below you’ll find what we feel are the best Fitbit deals to shop right now. There are several models to choose from for some savings, as well as a great deal on the Fitbit Charge 4.
Today's best Fitbit deal
Fitbit Charge 4 -- $125, was $150

While there are newer Fitbit Charge models on the market that include both the Fitbit Charge 5 and the Fitbit Charge 6, the Fitbit Charge 4 still has a lot to offer. It has all sorts of fitness and activity tracking capabilities. It can measure your resting heart rate and calorie burn throughout the day, as well as your SpO2 nightly average. The Charge 4 also uses built-in GPS to see your pace and distance during outdoor runs, rides, hikes, and other activities. You can head out for a long hike with this smartwatch, as the Charge 5 can last up to seven days on a single battery charge, and up to five hours when GPS is being used.

Read more
Best Samsung deals: The Galaxy S24 Ultra is up to $750 off
Best Android Phone 2022 Galaxy S22 Ultra in hand with S Pen feat image.

Whether you’re looking to shop TV deals, phone deals, smartwatch deals, and even tablet deals, Samsung almost always has something we could direct your attention toward. It’s regularly regarded as one of the top electronics brands, and almost always places among the best TV brands. There are a lot of Samsung deals worth shopping right now, and they cross the full spectrum of tech. We’ve done some of the heavy lifting for you and have rounded up what we feel are the best Samsung deals to shop right now. You’ll find a little bit of everything with these deals, so read onward for more details.
Samsung Galaxy Watch 4 — $150, was $200

On the surface, the Samsung Galaxy Watch 4 may look like a watch with a cool digital screen. And, of course, that'd be quite nice. But it turns out to be more of a wearable health monitor, giving you access to info on your overall fitness, running capabilities, and sleep cycles. Our Samsung Galaxy Watch 4 review compliments it for its seamless pairing with Samsung devices and its compatibility with small wrists. As you're sure to be adventuring, running, and exploring with this watch, be sure to grab one of the best Samsung Galaxy Watch 4 screen protectors to preserve its longevity.

Read more
Galaxy AI is coming to more Samsung phones very soon
A person using the Generative AI wallpapers on the Samsung Galaxy S24 Ultra.

Samsung is bringing its Galaxy AI technology to more Galaxy smartphones and tablets. This comes just months after the software was revealed with the Galaxy S24 series.

Samsung has begun rolling out Galaxy AI features to anyone with a Galaxy S22 series phone, Galaxy Z Fold 4, or Galaxy Z Flip 4. You will soon be able to download One UI 6.1 to get all of the benefits of Galaxy AI. The update appears to be rolling out in Korea now, suggesting it should hit U.S. devices very soon.

Read more