Android malware has found its way into security industry news again in the past several days.
First, Trend Micro reported last week that the so-called “Godless” mobile malware can target any Android running Android 5.1 (Lollipop) or earlier. The company said the malware has affected more than 850,000 devices worldwide and can be found in prominent app stores such as Google Play.
Then on Wednesday, Cheetah Mobile estimated that a Chinese hacking organization was making $500,000 a day via a Trojan dubbed “Hummer.” Calling it the most prolific Trojan in history, the company reported that during the first half of 2016 alone, Hummer infected nearly 1.4 million devices worldwide. In China alone there were 63,000 infections a day.
Despite Google’s attempts over the past several years to do a better job issuing patches and vulnerability reports, the news about Android phones being attacked should come as no surprise.
Farokh Karani, director of North American Sales & Channels for Quick Heal Technologies, said the company’s research found that 90 percent of Android devices two years or older have an operating system that’s vulnerable. That’s significant because Statistica reports that about half of the installed based of Android phones are at least two years old.
“We’ve found that there are a lot of users who don’t upgrade every two years, like many techies do, and they are vulnerable to malware,” he said.
And Mike Murray, vice president of research and response at Lookout, added that as companies continue to rely on enterprise-class mobile devices and smartphones in the enterprise to replace laptops they are more vulnerable to attack.
“Attackers are increasingly shifting their focus to mobile platforms, seeking out vulnerabilities to exploit and developing more sophisticated attacks,” he said.
Dark Reading spoke to Lookout and Quick Heal Technologies to learn more about what security managers can do to protect their users. Here’s what they recommend to keep the hackers at bay, including a detailed list of Quick Heal’s Top 10 Android malware strains from a recent quarterly report.