Risk
3/7/2013
09:32 AM
50%
50%

Malware Writers Prefer Android

A whopping 96% of all smartphone malware was written for Android in Q4 2012, reports F-Secure.

Owners of Android smartphones have more to worry about than their peers, according to a new security report published Thursday from F-Secure. During the fourth quarter of 2012, 96% of all malware was written for Android, which has become the biggest target for ne'er-do-wells.

F-Secure compiled data from 2010, 2011 and 2012 to provide a picture of the state of smartphone security. It proves at least one major point: it's costly to be popular. "The rise of Android malware can be largely attributed to the operating system's increasing foothold in the mobile market," wrote F-Secure (PDF).

In 2010, Nokia's Symbian platform was the most targeted by malware writers. F-Secure said 62.5% of all malware written in 2010 was directed at Symbian, which was the dominant smartphone platform at the time. Following Symbian, 23.75% of malware targeted Microsoft's Windows Mobile platform. Just 11.25% of malware targeted Android in 2010, which was then just catching up to Apple's iOS and BlackBerry's OS in popularity. F-Secure noted that there were 80 malware families and variants in 2010.

The number of malware families surged to 195 in 2011, and so shifted the platforms targeted by malware writers. Actutally, the tables turned entirely. Fully two-thirds of all malware written in 2011 was aimed at Android, with Symbian trailing at 29.7%. Windows Mobile fell off the malware map, with just 1% of malware targeted at Microsoft's still-fading legacy smartphone platform. Android was quickly ascending to the top of the smartphone world by 2011.

[ Want the latest on mobile market share? Read Apple iPhone Gains U.S. Market Share. ]

The picture changed less dramatically in 2012. By the close of the year, 79% of all malware was written for Android (with the fourth-quarter's number leaping to an astonishing 96%). Malware written for Symbian dropped further to 19% for the full year. Only 0.7% of malware written in 2012 targeted Windows Mobile. Malware written for BlackBerry and iOS appeared for the first time, said F-Secure, with 0.3% targeting BlackBerry and 0.7% targeting iOS. The number of malware families climbed to a total of about 301.

What's the big deal with malware? F-Secure said, "Malicious actions carried out by these programs include (but are not limited to) installing hidden objects as well as hiding the objects from the user, creating new malicious objects, damaging or altering any data without authorization, and stealing any data or access credentials." These are all distinct possibilities for any device infected by malware.

Trojans are the biggest threat, representing two-thirds of the malware in 2012. Other threats include spyware, riskware, hack tools, monitoring tools and adware. Malware arrives most commonly via SMS or premium SMS messages/notifications.

It is worth pointing out that the author of this report, F-Secure, sells mobile security products and certainly has an agenda. It wants consumers and businesses to adopt its mobile security and protection products. It is also worth mentioning that in 10 years as a smartphone owner, I've never once experienced, witnessed or even heard of a malware problem affecting anyone. Is there a threat? Sure, but it isn't all that significant, in my opinion.

Here's a pro tip to avoid malware: Don't click on random SMS messages that show up from unknown sources, and only download apps from the Google Play Store (or your official mobile app store).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
3/7/2013 | 10:28:56 PM
re: Malware Writers Prefer Android
This isn't really a surprise. Android has big enough numbers to make it a platform worth targeting, and Apple's walled garden approach to apps makes it harder (though not impossible) to slip malicious software into its app store.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8893
Published: 2015-01-28
Multiple cross-site scripting (XSS) vulnerabilities in (1) mainpage.jsp and (2) GetImageServlet.img in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-8894
Published: 2015-01-28
Open redirect vulnerability in IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via the out parameter.

CVE-2014-8895
Published: 2015-01-28
IBM TRIRIGA Application Platform 3.2.1.x, 3.3.2 before 3.3.2.3, and 3.4.1 before 3.4.1.1 allows remote attackers to bypass intended access restrictions and read the image files of arbitrary users via a crafted URL.

CVE-2014-8917
Published: 2015-01-28
Multiple cross-site scripting (XSS) vulnerabilities in (1) dojox/form/resources/uploader.swf (aka upload.swf), (2) dojox/form/resources/fileuploader.swf (aka fileupload.swf), (3) dojox/av/resources/audio.swf, and (4) dojox/av/resources/video.swf in the IBM Dojo Toolkit, as used in IBM Social Media A...

CVE-2014-8920
Published: 2015-01-28
Buffer overflow in the Data Transfer Program in IBM i Access 5770-XE1 5R4, 6.1, and 7.1 on Windows allows local users to gain privileges via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
If youíre a security professional, youíve probably been asked many questions about the December attack on Sony. On Jan. 21 at 1pm eastern, you can join a special, one-hour Dark Reading Radio discussion devoted to the Sony hack and the issues that may arise from it.