Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

3/7/2013
09:32 AM
50%
50%

Malware Writers Prefer Android

A whopping 96% of all smartphone malware was written for Android in Q4 2012, reports F-Secure.

Owners of Android smartphones have more to worry about than their peers, according to a new security report published Thursday from F-Secure. During the fourth quarter of 2012, 96% of all malware was written for Android, which has become the biggest target for ne'er-do-wells.

F-Secure compiled data from 2010, 2011 and 2012 to provide a picture of the state of smartphone security. It proves at least one major point: it's costly to be popular. "The rise of Android malware can be largely attributed to the operating system's increasing foothold in the mobile market," wrote F-Secure (PDF).

In 2010, Nokia's Symbian platform was the most targeted by malware writers. F-Secure said 62.5% of all malware written in 2010 was directed at Symbian, which was the dominant smartphone platform at the time. Following Symbian, 23.75% of malware targeted Microsoft's Windows Mobile platform. Just 11.25% of malware targeted Android in 2010, which was then just catching up to Apple's iOS and BlackBerry's OS in popularity. F-Secure noted that there were 80 malware families and variants in 2010.

The number of malware families surged to 195 in 2011, and so shifted the platforms targeted by malware writers. Actutally, the tables turned entirely. Fully two-thirds of all malware written in 2011 was aimed at Android, with Symbian trailing at 29.7%. Windows Mobile fell off the malware map, with just 1% of malware targeted at Microsoft's still-fading legacy smartphone platform. Android was quickly ascending to the top of the smartphone world by 2011.

[ Want the latest on mobile market share? Read Apple iPhone Gains U.S. Market Share. ]

The picture changed less dramatically in 2012. By the close of the year, 79% of all malware was written for Android (with the fourth-quarter's number leaping to an astonishing 96%). Malware written for Symbian dropped further to 19% for the full year. Only 0.7% of malware written in 2012 targeted Windows Mobile. Malware written for BlackBerry and iOS appeared for the first time, said F-Secure, with 0.3% targeting BlackBerry and 0.7% targeting iOS. The number of malware families climbed to a total of about 301.

What's the big deal with malware? F-Secure said, "Malicious actions carried out by these programs include (but are not limited to) installing hidden objects as well as hiding the objects from the user, creating new malicious objects, damaging or altering any data without authorization, and stealing any data or access credentials." These are all distinct possibilities for any device infected by malware.

Trojans are the biggest threat, representing two-thirds of the malware in 2012. Other threats include spyware, riskware, hack tools, monitoring tools and adware. Malware arrives most commonly via SMS or premium SMS messages/notifications.

It is worth pointing out that the author of this report, F-Secure, sells mobile security products and certainly has an agenda. It wants consumers and businesses to adopt its mobile security and protection products. It is also worth mentioning that in 10 years as a smartphone owner, I've never once experienced, witnessed or even heard of a malware problem affecting anyone. Is there a threat? Sure, but it isn't all that significant, in my opinion.

Here's a pro tip to avoid malware: Don't click on random SMS messages that show up from unknown sources, and only download apps from the Google Play Store (or your official mobile app store).

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
3/7/2013 | 10:28:56 PM
re: Malware Writers Prefer Android
This isn't really a surprise. Android has big enough numbers to make it a platform worth targeting, and Apple's walled garden approach to apps makes it harder (though not impossible) to slip malicious software into its app store.

Drew Conry-Murray
Editor, Network Computing
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3331
PUBLISHED: 2021-01-27
WinSCP before 5.17.10 allows remote attackers to execute arbitrary programs when the URL handler encounters a crafted URL that loads session settings. (For example, this is exploitable in a default installation in which WinSCP is the handler for sftp:// URLs.)
CVE-2021-3326
PUBLISHED: 2021-01-27
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
CVE-2021-22641
PUBLISHED: 2021-01-27
A heap-based buffer overflow issue has been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
CVE-2021-22653
PUBLISHED: 2021-01-27
Multiple out-of-bounds write issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).
CVE-2021-22655
PUBLISHED: 2021-01-27
Multiple out-of-bounds read issues have been identified in the way the application processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution on the Tellus Lite V-Simulator and V-Server Lite (versions prior to 4.0.10.0).