Android Malware Samples Predicted at 250,000 for 2012

"The growth in Android malware demonstrates sustained and focused criminal interest in the mobile platform and particularly in the Android operating system,” comments Rik Ferguson, director of security, research and communication at Trend Micro. This is clearly demonstrated by the growing volume of Android malware and its increasing sophistication.

At the beginning of the year Trend Micro predicted that the mobile threat would grow rapidly through 2012. The company expected the relatively small number of existent Android malware to grow to a collected library of 3000 samples during the first quarter of this year, and to 11,000 by the end of the second quarter. The reality has been much worse: 6000 during Q1 and 25,000 by the end of Q2. Android malware is increasing at more than double the predicted rate, and looks to be heading towards more than 250,000 by the end of 2012.

Within this library Trend Micro notes seven primary types of threat: adware, spying tools, rooters, data stealers, premium service abusers, click frauds and malicious downloaders. Premium service abuse remains the most prevalent threat. In the early days of relatively unsophisticated mobile phones, this was the easiest exploit to engineer. It merely and surreptitiously dials premium telephone services, secretly racking up huge bills for the user and vast profits for the hacker.

But as the mobile phone has become more sophisticated, and its use more prevalent in society, so has the complexity, sophistication and threat of malware increased. Rooters allow remote hackers to take control of the phone; data stealers seek out specific information – such as passwords and account details, contact lists and so on – and send it back to the controller; malicious downloaders download and install other malware and malicious apps onto the user’s device.

A major problem for the user is that these malicious apps are not easily spotted. Trend Micro notes that 17 malicious apps were downloaded 700,000 times from Google’s official market place, Google Play. Another route is to disguise malware as a legitimate app. “The most common type of malicious app,” notes the company, “accounting for 30 per cent of all those Trend Micro encountered, is a type which is disguised as a highly popular legitimate app.” 

“Criminals have always followed user behavior and they continue to do so,” adds Ferguson. “As we move steadily to the mobile web, mobile devices offer new avenues for criminal revenue generation alongside the continuation of the old.” Trend’s advice? Be very careful, stay alert to the dangers, and install some anti-malware.

What’s hot on Infosecurity Magazine?