Risk
3/7/2013
09:32 AM
50%
50%

Malware Writers Prefer Android

A whopping 96% of all smartphone malware was written for Android in Q4 2012, reports F-Secure.

Owners of Android smartphones have more to worry about than their peers, according to a new security report published Thursday from F-Secure. During the fourth quarter of 2012, 96% of all malware was written for Android, which has become the biggest target for ne'er-do-wells.

F-Secure compiled data from 2010, 2011 and 2012 to provide a picture of the state of smartphone security. It proves at least one major point: it's costly to be popular. "The rise of Android malware can be largely attributed to the operating system's increasing foothold in the mobile market," wrote F-Secure (PDF).

In 2010, Nokia's Symbian platform was the most targeted by malware writers. F-Secure said 62.5% of all malware written in 2010 was directed at Symbian, which was the dominant smartphone platform at the time. Following Symbian, 23.75% of malware targeted Microsoft's Windows Mobile platform. Just 11.25% of malware targeted Android in 2010, which was then just catching up to Apple's iOS and BlackBerry's OS in popularity. F-Secure noted that there were 80 malware families and variants in 2010.

The number of malware families surged to 195 in 2011, and so shifted the platforms targeted by malware writers. Actutally, the tables turned entirely. Fully two-thirds of all malware written in 2011 was aimed at Android, with Symbian trailing at 29.7%. Windows Mobile fell off the malware map, with just 1% of malware targeted at Microsoft's still-fading legacy smartphone platform. Android was quickly ascending to the top of the smartphone world by 2011.

[ Want the latest on mobile market share? Read Apple iPhone Gains U.S. Market Share. ]

The picture changed less dramatically in 2012. By the close of the year, 79% of all malware was written for Android (with the fourth-quarter's number leaping to an astonishing 96%). Malware written for Symbian dropped further to 19% for the full year. Only 0.7% of malware written in 2012 targeted Windows Mobile. Malware written for BlackBerry and iOS appeared for the first time, said F-Secure, with 0.3% targeting BlackBerry and 0.7% targeting iOS. The number of malware families climbed to a total of about 301.

What's the big deal with malware? F-Secure said, "Malicious actions carried out by these programs include (but are not limited to) installing hidden objects as well as hiding the objects from the user, creating new malicious objects, damaging or altering any data without authorization, and stealing any data or access credentials." These are all distinct possibilities for any device infected by malware.

Trojans are the biggest threat, representing two-thirds of the malware in 2012. Other threats include spyware, riskware, hack tools, monitoring tools and adware. Malware arrives most commonly via SMS or premium SMS messages/notifications.

It is worth pointing out that the author of this report, F-Secure, sells mobile security products and certainly has an agenda. It wants consumers and businesses to adopt its mobile security and protection products. It is also worth mentioning that in 10 years as a smartphone owner, I've never once experienced, witnessed or even heard of a malware problem affecting anyone. Is there a threat? Sure, but it isn't all that significant, in my opinion.

Here's a pro tip to avoid malware: Don't click on random SMS messages that show up from unknown sources, and only download apps from the Google Play Store (or your official mobile app store).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
3/7/2013 | 10:28:56 PM
re: Malware Writers Prefer Android
This isn't really a surprise. Android has big enough numbers to make it a platform worth targeting, and Apple's walled garden approach to apps makes it harder (though not impossible) to slip malicious software into its app store.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5312
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2012-6662
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.

CVE-2014-1424
Published: 2014-11-24
apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."

CVE-2014-7817
Published: 2014-11-24
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".

CVE-2014-7821
Published: 2014-11-24
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?