According to the IT security vendor's report, the Android platform has now finally established itself as the most popular for malicious mobile programs, overtaking other platforms as well as ‘generic’ Java malware.
In September 2011 alone, said the firm, the number of newly discovered malware for Android-based devices increased by more than 30%. These trends, added Kaspersky, are of course alarming, “especially if we take into account that such malicious mobile programs sometimes show up on Android Market.”
One example of a malicious app distributed through the official store is Trojan-Spy.AndroidOS.Antammi.b. This program, masquerading as a simple app for downloading ringtones, appeared on Android Market only to be removed after notification from Kaspersky.
The 'cover' program is designed for users in Russia, who use it to send text messages to a paid service to receive back desired tunes. This activity is perfectly legitimate; however, the malicious payload activity is simultaneously going on in the background.
Like traditional desktop malware, Kaspersky said that Antammi.b steals almost everything: contacts, texts, GPS coordinates and even photos. The activity log is then sent to the criminal behind the scam via a simple e-mail message, and the data is uploaded to a server.
The unrequited love-story being played out between the cybercriminal world and the Android platform is not surprising – due to the platform’s leading market share, flexibility and openness, yet at the same time lax control over its software distribution.
The result, said the firm, is the share of Android-based malicious programs among all mobile malware currently being higher than 46% and growing rapidly.
More worrying is the fact that, apart from stealing personal data, sending texts, and making calls to premium numbers, mobile malware is also targeting banking services, which often send one-time passwords and confirmation codes to mobile phones.