Risk
3/7/2013
09:32 AM
Connect Directly
RSS
E-Mail
50%
50%

Malware Writers Prefer Android

A whopping 96% of all smartphone malware was written for Android in Q4 2012, reports F-Secure.

Owners of Android smartphones have more to worry about than their peers, according to a new security report published Thursday from F-Secure. During the fourth quarter of 2012, 96% of all malware was written for Android, which has become the biggest target for ne'er-do-wells.

F-Secure compiled data from 2010, 2011 and 2012 to provide a picture of the state of smartphone security. It proves at least one major point: it's costly to be popular. "The rise of Android malware can be largely attributed to the operating system's increasing foothold in the mobile market," wrote F-Secure (PDF).

In 2010, Nokia's Symbian platform was the most targeted by malware writers. F-Secure said 62.5% of all malware written in 2010 was directed at Symbian, which was the dominant smartphone platform at the time. Following Symbian, 23.75% of malware targeted Microsoft's Windows Mobile platform. Just 11.25% of malware targeted Android in 2010, which was then just catching up to Apple's iOS and BlackBerry's OS in popularity. F-Secure noted that there were 80 malware families and variants in 2010.

The number of malware families surged to 195 in 2011, and so shifted the platforms targeted by malware writers. Actutally, the tables turned entirely. Fully two-thirds of all malware written in 2011 was aimed at Android, with Symbian trailing at 29.7%. Windows Mobile fell off the malware map, with just 1% of malware targeted at Microsoft's still-fading legacy smartphone platform. Android was quickly ascending to the top of the smartphone world by 2011.

[ Want the latest on mobile market share? Read Apple iPhone Gains U.S. Market Share. ]

The picture changed less dramatically in 2012. By the close of the year, 79% of all malware was written for Android (with the fourth-quarter's number leaping to an astonishing 96%). Malware written for Symbian dropped further to 19% for the full year. Only 0.7% of malware written in 2012 targeted Windows Mobile. Malware written for BlackBerry and iOS appeared for the first time, said F-Secure, with 0.3% targeting BlackBerry and 0.7% targeting iOS. The number of malware families climbed to a total of about 301.

What's the big deal with malware? F-Secure said, "Malicious actions carried out by these programs include (but are not limited to) installing hidden objects as well as hiding the objects from the user, creating new malicious objects, damaging or altering any data without authorization, and stealing any data or access credentials." These are all distinct possibilities for any device infected by malware.

Trojans are the biggest threat, representing two-thirds of the malware in 2012. Other threats include spyware, riskware, hack tools, monitoring tools and adware. Malware arrives most commonly via SMS or premium SMS messages/notifications.

It is worth pointing out that the author of this report, F-Secure, sells mobile security products and certainly has an agenda. It wants consumers and businesses to adopt its mobile security and protection products. It is also worth mentioning that in 10 years as a smartphone owner, I've never once experienced, witnessed or even heard of a malware problem affecting anyone. Is there a threat? Sure, but it isn't all that significant, in my opinion.

Here's a pro tip to avoid malware: Don't click on random SMS messages that show up from unknown sources, and only download apps from the Google Play Store (or your official mobile app store).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
3/7/2013 | 10:28:56 PM
re: Malware Writers Prefer Android
This isn't really a surprise. Android has big enough numbers to make it a platform worth targeting, and Apple's walled garden approach to apps makes it harder (though not impossible) to slip malicious software into its app store.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6306
Published: 2014-08-22
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.

CVE-2014-0232
Published: 2014-08-22
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1)...

CVE-2014-3525
Published: 2014-08-22
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

CVE-2014-3563
Published: 2014-08-22
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVE-2014-3587
Published: 2014-08-22
Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists bec...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.