Android Malware Rockets 300X in 2 Years

Windows may still represent the lion’s share of malware development, but the Android mobile OS continues to garner interest from black hats: 2014, in fact, saw a 300-times increase in Android malware overall.

According to Quick Heal’s Annual Threat Report for 2015, adware and ransomware have been dominant on Windows for a few years and have now evolved and propagated to Android devices as well. The development makes the threat landscape “all-encompassing and unescapable,” the company said.

“The threat landscape has drastically changed over the last few years and this makes our job harder and highlights the importance that users and enterprises must pay to channels such as social media, web-based services, cloud portals and more,” said Sanjay Katkar, CTO at Quick Heal Technologies, in a statement. “All bits of data can be monetized today.”

The Quick Heal Threat Research Labs found close to three million Android malware samples in 2014—making for a 304-times growth between 2011 and 2014. The number of detected samples has quadrupled from January 2014 to December 2014.

Overall for the year, Quick Heal has found 536 new malware families and 616 new variants afflicting Android.

Android users have been exposed to the increased threat of fake paid applications on the official Google Play store, but other threats are now leaping over from the PC realm.

Ransomware was a major threat in 2014, virtually encrypting or locking PCs and demanding ransom payment. But this genre of attack has evolved over the last 12 months to get craftier: it often now displays messages in localized formats with local time zones, languages and authorities taken into consideration. Ransomware is expected to evolve with advanced propagation techniques in 2015, with an increasingly mobile dimension. Thus, it is one of the top major threats to be wary of, according to Quick Heal.

In 2014, Android was subjected to the first worm that spreads through SMS and propagates to other devices in an endless chain. And, the first boot-kit was detected on Android, which modified the device boot partition within Android devices.

Meanwhile, one of the most prominent malware propagation techniques of 2014 was adware, which injects banner ads, hijacks default web browsers and search engines, and makes PCs slow and unstable. In fact, 59% of malware samples detected by Quick Heal fall into the category of spam, and the remaining are classified as adware. In 2015, the firm expects adware techniques to evolve further into the ‘malvertising’ arena, and mobile adware is expected to dominate the Android scenario in the near future, Quick Heal said.

Android.Viser.A has been the most prominent form of Android adware that has been detected on the platform so far.

Aside from ransomware and adware, Quick Heal predicts that two other Android threats will be ones to watch in 2015. For one, it is expected that new cashless payment systems and banking credentials and apps are going to come onto the radar of malware authors in 2015, offering a fertile new development playground. And, Wi-Fi networks will become the new battleground as hackers will look to launch man-in-the-middle attacks to interrupt, redirect and intercept mobile traffic packets.

What’s Hot on Infosecurity Magazine?