Google Inc.’s Android software was the “exclusive” platform for hackers targeting mobile devices in the last quarter, McAfee Inc. said in a report Monday.
The amount of malicious software (read: malware) targeting Android devices jumped 37% between late June and late September, according to the digital security company’s third-quarter threats report. Following a previous quarter of spiking threats against Android devices, McAfee said 2011 is on track to be the busiest year in mobile malware history.
All new mobile threats identified by McAfee during Q3 were specifically designed to target Android users, the report said. Android’s popularity among cyber criminals has been growing in parallel to its popularity among consumers as hackers seek the largest possible group of victims.
Last week, communications equipment maker Juniper Networks Inc. identified what it called an “exponential” increase in Android malware over the last few months, noting 472% growth in malicious software samples since July. Accelerating attacks against Android led Juniper to say “the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform” in a Nov. 15 blog post.
“We’re seeing a mix of the traditional hacking community [working] on malware very similar to organized efforts on the PC side, as well as people who are just a little smart, the ’15-year-old kid crowd,’ who are able to hide some malicious content in an app,” Dan Hoffman, Juniper’s chief mobile security analyst, explained in an interview with ITbusiness.ca on Monday.
Far more attack apps have appeared in Chinese app stores that distribute Android software, Mr. Hoffman said.
Most of the new threats came in the form of apps on Google’s Android Market disguised as benign programs that secretly record and transmit a user’s activities once downloaded in hopes of obtaining sensitive financial information. However, the McAfee report also noted a rise in what many would consider an even deeper privacy invasion: malware capable of recording and transmitting phone calls.
“Two examples are Android/NickiSpy.A and Android/GoldenEagle.A – both of which record user conversations and forward them to the attacker,” reads an excerpt from page four of the report.
“Attackers can’t be sure that the first one or two calls have the information they seek, so these malware remain on the devices for extended periods without being detected; that’s a very persistent threat indeed!”
Researchers blame Google’s lax approval process for new Android apps, in addition to the platform’s general popularity, for the dubious honour. As the following excerpt from Juniper’s blog post explains, the process of removing an allegedly malicious app from the Android Market is reactive, triggered by user complaints, and therefore leaves users exposed until the app is reported and taken down.
“With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include. Sure, your application can be removed after the fact – if someone discovers that it is actually malicious and reports it. But, how many unsuspecting people are going to download it before it is identified as malicious and removed?”
Of course, it is worth noting that Apple Inc., which applies the exact opposite philosophy to accepting apps designed for its iOS platform by subjecting them to an intensive and occasionally onerous review process, is by no means exempt from hacker threats either.