99% of mobile malware targets Android

Kaspersky Lab found that 99% of newly discovered mobile malicious programs target the Android platform, with a very small amount targeting Java- and Symbian-based smartphones.

Consider the facts: Kaspersky tracked a negligible eight new unique malicious programs in January 2011, after which the average monthly discovery rate for new Android malware in 2011 went up to more than 800 samples. In 2012, Kaspersky identified an average of 6300 new mobile malware samples every month. Overall, in 2012 the number of known malicious samples for Android increased more than eight times.

The majority of Android malware can be divided into three main groups according to functionality, security researchers said: trojans, backdoors and spyware, which together make up more than half of the mobile malware in the wild, Kaspersky found.

SMS trojans drain victims’ mobile accounts by sending SMS texts to premium-rate numbers. Backdoors provide unauthorized access to a smartphone, making it possible to install other malicious programs or steal personal data. And spyware, of course, targets the unauthorized collection of private data, such as address books and passwords.

Less widespread but by far the most dangerous are mobile banking trojans, like Zeus, that often work in conjunction with their desktop counterparts, as was the case with Carberp-in-the-Mobile.

“The Android platform allows software installation from untrusted sources, and one of the best ways to guarantee an infection is to install programs from suspicious websites,” the researchers noted. “However, malware on the official Google Play application distribution platform is another trend that started in 2011 and continued in 2012, despite Google’s best efforts to reduce cybercriminal activity.”

The Android “issue” will become even more pronounced in 2013 for enterprises as the bring-your-own-device (BYOD) phenomenon becomes mainstream. Research from Samsung and IDG into the attitudes of IT executives and consumers toward BYOD found that a full 90% of IT executives believe BYOD will be the norm by 2014.

Almost half (49%) of consumers surveyed believe that the mobile device will become the primary computing device for work-related activities within the next five years.

The research also found that 85% of companies are encouraging the BYOD movement, with more than 70% of IT executives surveyed believing companies without a BYOD strategy will be at a competitive disadvantage. And, 81% of IT decision-makers and 78% of employees said they believe that having a single mobile device helps balance employees’ work and personal lives.

“Bring your own device is at a tipping point as mobile devices are becoming a central hub for our lives,” said Tim Baxter, president of Samsung in the US, during a press conference at the Consumer Electronics Show in Las Vegas this week.

Encouragingly, security was a standout concern in the findings. Most IT executives (84%) and employees (74%) said they see device security as the most important concern, and that companies should implement strong BYOD policies, such as preapproved device lists and mobile device management (MDM) as a result.

What’s hot on Infosecurity Magazine?