Top Five Android Malware Families
Report identifies five Android malware families, as well as a new Android root-level vulnerability.
One of the recurring bad memories of the collective IT and telecom consciousness is the manner in which hackers and crackers almost took the wired Internet down a decade ago. The unpleasant memories of those days leads folks who lived through it to pay special attention to any news of increased malware or the growth of other security vulnerabilities as the mobile Internet takes wing.
This inherent feeling of insecurity is more pronounced in the Android world. The open structure of the operating system means that such problems are more likely than in the tightly controlled world of Apple’s iOS. In that context, a report released this week and reported upon at eWeek is worth attention.
The number of malicious Android programs detected by Helsinki, Finland-based security firm F-Secure, for example, has soared past 50,000 in the third quarter, a tenfold increase from the second quarter of 2012, the firm stated in a report released Nov. 5. For North American and western European users, however, cyber-criminals interested in infecting Android systems should not be overly concerning: The increased adoption of Android in less security-conscious markets, such as in China and Russia, is mainly to blame for the jump in malware, the company stated in its report.
The precise demarcation of the problem is unimportant. The key is that Android, in general, is under attack. The challenge is to both the OS itself and the application stores that supply users. An important step was taken last year when Google Play, which offers Google apps, introduced Bouncer, a tool that searches for malware embedded in available apps.
Google is paying attention, both because it is the right thing to do and, more practically, poor security will threaten the overall success of Android, which, in essence, is in many ways a grand experiment.
In the latest revision of Jelly Bean — Android 4.2 — Bouncer capability has been extended from Google Play to devices themselves as an opt-in option. Once enabled, there are three results: An app is found harmless and allowed in, or found to be harmful and rejected. The third option revolves around situations in which it is possible, but not assured, that information being requested by the app will be used maliciously. In those cases, the user is asked what to do.
It is great that Google continually is upgrading Android; however, it will take time for the latest versions to constitute a majority of Android OSes in the field. BGR offers a chart of which versions of the OS dominate. Gingerbread, which was released a couple of weeks ago, accounts for more than half of Android’s universe. The story, which is based on data from security firm Kaspersky Lab, says version 2.3.6 of Gingerbread was targeted 28 percent of the time by malware. Ice Cream Sandwich (Android 4.0) was blocked malware in 22 percent of cases.
The near-death experience of the early broadband days has colored how vendors, service providers and related folks think about mobile security. That’s good news, and makes it unlikely that a near-death mobile experience will occur.