Risk
5/17/2011
00:41 AM
Ed Hansberry
Ed Hansberry
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Reduce Your Android Security Risks

Threats against Google's mobile platform have increased 400% in the last year, but common sense will protect users against many of the attacks.

Hackers and criminals have been targeting Windows on the desktop for years simply because it is the biggest platform out there in terms of market share. You want to go after the biggest audience possible to increase your odds of success in finding a system that is unprotected. Now that smartphones are such a large market, with tens of millions of devices being sold and activated each quarter, the temptation is just too big to pass up.

Android is the king of the hill when it comes to smartphone market share, a fact that hasn't gone unnoticed to hackers and malware authors. Juniper Networks Global Threat Center has compiled a report showing that malware attacks on Android are up 400% since the summer of 2010.

According to the report, they are targeting the platform because many of its users are "unaware, disinterested, or uneducated" about security. The malware is focusing on monitoring phone calls and SMS messages made with the phone. When you think about how many people do online banking via their phone's voice capabilities or get confirmation codes via SMS to log into social networks, there is a lot of info to be gleaned from these two relatively old communication methods.

Juniper expects the attacks to gradually include "command and control zombies and botnet participators, devices that are remotely controlled to execute malicious attacks."

The quick solution is to be careful what you download. Most of the infections are caused by users unwittingly installing them as part of a downloaded app. Your best bet is to stick to apps in a reputable online store and look for those that have good ratings. That is no guarantee you'll be ok, but side-loading apps from unknown developers is asking for trouble.

Longer term the report suggests that the user run security software on their phone. The problem here though is phones aren't like PCs. By comparison, desktop computers have virtually unlimited storage space, computing power, and memory. Phone manufactures are constantly struggling to keep their phone's user interface smooth and responsive. Adding software that is constantly looking at what the phone is doing and checking it against a database of thousands of signatures may slow the phone to a crawl. At a minimum, there will be a performance hit.

If you are an Android user, have you been hit? Are you running any security software or are you considering it?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Bprince
50%
50%
Bprince,
User Rank: Ninja
11/1/2011 | 12:40:43 AM
re: Reduce Your Android Security Risks
Symantec had some interesting research recently about some of the most prevalent Android malware attacks and how attackers are monetizing malware (PDF):
http://www.symantec.com/conten...
Brian Prince, InformationWeek/DarkReading Comment Moderator
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, September 16, 2014
Malicious software is morphing to be more targeted, stealthy, and destructive. Are you prepared to stop it?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0985
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter.

CVE-2014-0986
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the GotoCmd parameter.

CVE-2014-0987
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the NodeName2 parameter.

CVE-2014-0988
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode parameter.

CVE-2014-0989
Published: 2014-09-20
Stack-based buffer overflow in Advantech WebAccess (formerly BroadWin WebAccess) 7.2 allows remote attackers to execute arbitrary code via the AccessCode2 parameter.

Best of the Web
Dark Reading Radio