Android Malware Increased 400% Over Six Months

Wednesday, May 11, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

As consumers and businesses become more and more dependent on the use of mobile devices in the course of their daily activities, from accessing secure corporate networks to mobile banking and ecommerce activities, the targeting of mobile devices will also grow more intense.

Juniper Networks has released a report which reveals that samples of malware strains targeting devices running the Android operating system increased 400% between June of 2010 and January of 2011.

"These findings reflect a perfect storm of users who are either uneducated on or disinterested in security, downloading readily available applications from unknown and unvetted sources in the complete absence of mobile device security solutions," said Dan Hoffman, chief mobile security evangelist at Juniper Networks.

While a great deal of media focus is currently focused on privacy issues in regards to the collection of geolocation and user behavior data by companies like Apple, Microsoft and Google, far less attention is being paid to the fact that criminal syndicates are now committing a great deal of resources towards exploiting security vulnerabilities in the smartphone market.

"Mobile malware attacks and other exploits are no longer just theoretical occurrences discussed by security researchers and vendors keen on cashing in on a projected market. The threats to mobile devices are real — and reach far beyond simple viruses to include malware, loss and theft, data communication interception, exploitation and misconduct, and direct attacks. This report details specific attack vectors on mobile devices over the past year, defines new and emerging mobile threats expected in 2011, and gives mobile users practical advice to protect themselves from malicious attacks," the report abstract states.

The report notes that there needs to be an increase in diligence by those who approve applications for distribution in the marketplace, as well as more proactive security efforts on the part of consumers.

Other key findings in the Juniper report include:

App store anxiety: The single greatest distribution point for mobile malware is application download, yet the vast majority of smartphone users are not employing an antivirus solution on their mobile device to scan for malware.

Wi-Fi worries: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications.

The text threat: 17 percent of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise.

Device loss and theft: 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued.

Risky teen behavior: 20 percent of all teens admit sending inappropriate or explicit material from a mobile device.

"Droid Distress": The number of Android malware attacks increased 400 percent since Summer 2010.

"App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation. There are specifics steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand," Hoffman added.

Source:  http://www.juniper.net/us/en/dm/interop/go/

Possibly Related Articles:
14176
Viruses & Malware
Trojans malware Mobile Devices Smart Phone Headlines report Android Application Market
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.