62% of Android Infections Steal Sensitive Info

Privacy-stealing malware is rampant in the Android world, with a full 62% of infected devices being used as conduits for data exfiltration.

"It is widely, but wrongly, believed that malware causes no serious problems beyond slowing down a mobile phone and possibly crashing a device," said Yan Huang, COO of 360 Mobile Security, which released the findings in its Q2 2015 Malware and Vulnerability Report. “The truth is, however, that mobile malware attacks are growing in sophistication and exploiting vulnerabilities that can not only compromise sensitive data, but lead to identity theft and serious financial loss.”

Of the infected devices in the US market, more than half (62%) were infected by privacy-stealing malware, which looks to compromise sensitive data such as contacts, locations, pictures and login credentials. By stealing sensitive data from mobile devices, hackers can gain access to a user's financial data, enabling bad actors to black-mail the user, or simply sell the data on the black market.

In comparison, 13% of compromised devices in the US were infected by malicious adware, and 11% by expense malware, which involves unpermitted expenditures—usually by exploiting existing apps installed on mobile devices.

Interestingly, 360 Mobile Security said that exactly 81.2% of devices running Android 4.4 and earlier have been exposed to TowelRoot. Here, successful exploitation of the Linux bug within the Android operating system would give the attacker administrative access to a victim's phone. That kind of access could potentially allow that same attacker to run further malicious code, retrieve files and device data, and bypass third-party or enterprise security applications.

The Android attack surface is an attractive one for miscreants. According to data from the IDC, vendors shipped a total of 334.4 million smartphones worldwide in the first quarter of 2015, and Android dominated the market with a 78% share. It’s no wonder that greater than 97% of mobile malware targets Android devices, whereas iOS malware takes less than 1% market share.

It’s important however to keep in mind the scale of the issue. The firm further found that the infection rate overall is low: About one out of every 100 mobile devices (1.4%) in the global market. In contrast, just 0.2% of the mobile devices in the US market were infected by malware in Q2.

The discrepancy is largely due to the fact that the global figure includes devices in regions such as South Asia, where people download apps from untrustworthy third-party stores outside Google Play.

What’s Hot on Infosecurity Magazine?