Popularity breeds malware for Android

Malware targeting Android made up 63% of all mobile malware in the second quarter of 2011, said McAfee

Malware targeting Android made up 63% of all mobile malware in the second quarter of 2011, according to Security Mobile Devices: Present and Future.

Igor Muttik, McAfee researcher and author of the white paper, cautioned against comparing the security of operating systems alone. He said that the iOS and Android are comparable in terms of security, but the reactive approach of the Android Market to malware, rather than the proactive approach of Apple’s App Store, creates more opportunities for malware writers.

“People tend to compare security of operating systems and security of individual phones, but what really should be done is comparing the entire set of security features environment, which includes the hardware, the software, and the marketplace, and to some extent the mobile service provider and OEM for the phone”, Muttik told Infosecurity.

“The entire infrastructure and environment around the device makes the security of that device very different, depending on how it is implemented and how it is managed”, he said.

Muttik noted that for the iPhone, the same company manufactures the phone, installs the software, and managers the applications store. However, with Android, there are a number of OEMs that manufacture the phones, and they frequently modify the operating system to include additional features. “It’s a risky process. If some bug is introduced in how devices are updated, the entire operating system can be compromised by a piece of malware”, he commented.

Google has attempted to improve security with the Android Ice Cream Sandwich, also known as Android 4.0, but it has not been available long enough to judge whether it is being effective, Muttik said. Launched in October, Android 4.0 includes a unified interface for phones and tablets – as well as a number of significant new technical features, including native facial detection.

In its conclusion, the white paper predicts massive attacks on mobile app stores “that will start with simple malware posts and gradually involve manipulating developers’ reputations and infiltrating app source-control systems.”

Popularity breeds malware for Android

You may also like

New Android botnet Identified

Rooting out rootkits: Security software won't help, says Symantec

Mobile Malware Infects Millions; LTE Spurs Growth

Verizon launches mobile security app for Android

No more nickel-and-dime malware for cybercriminals targeting Android users

What’s hot on Infosecurity Magazine?

Alarming Decline in Cybersecurity Job Postings in the US

CrushFTP File Transfer Vulnerability Lets Attackers Download System Files

MITRE Reveals Ivanti Breach By Nation State Actor

How to Backup and Restore Database in SQL Server

Russia's Sandworm Upgraded to APT44 by Google's Mandiant

Massive Brute-Force Attack on Alibaba Affects Millions

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

US Government and OpenSSF Partner on New SBOM Management Tool

NIST Unveils New Consortium to Operate National Vulnerability Database

EU Elections: Pro-Russian Propaganda Exploits Meta's Failure to Moderate Political Ads

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Beyond Passwords: Securing the Digital Age with MFA, 2FA, and Passwordless Authentication

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024