Kaspersky: is Android the new Windows?

In its Q1 threats report, the Moscow-headquartered IT security vendor says that the world of mobile malware is starting to resemble the Windows marketplace more and more.

And, the report adds, Google Android is dominating the mobile arena in terms of a hacker's target of choice when it comes to malware.

In fact, says Yuri Namestnikov, a Kaspersky security researcher, the most prone Android devices are those which have been jailbroken, giving users administrative access over the platform similar to that which Windows users have over their systems.

"Is it difficult for cybercriminals to get an Android Market Developer account? Sadly, it is very easy. All a user has to do to get an account is pay $25.99", he says in in his report.

"Clearly, Google wants to attract as many developers to its operating system as possible. However, $25.00 is not nearly enough of a barrier to entry and cybercriminals can afford to create dozens of such accounts", he adds.

The report goes on to predict that this could result in an endless loop, with Google shutting down accounts used to distribute malware and cybercriminals creating new ones without any problems.

According to the report, one feature of Q1 of 2011 was the increasing number of attacks launched against various organisations.

In addition to conventional DDoS attacks that block access to corporate servers for indeterminate periods of time, Namestnikov's report says there were also many that focused on gaining unauthorised access to such servers in order to steal information.

Attacks of this type, he explained, fall into two broad groups.

"Attacks within the first group are carried out with the aim of stealing data from corporate servers and selling it to third parties", the report notes.

"It is important to note that as a result of an attack, the cybercriminals often gain access to personal data belonging to the clients of a targeted organisation. This data can be used later for, among other things, carrying out targeted attacks against the companies where the owners of the stolen data work", the report adds.

Attacks that fall within the second group, meanwhile, are carried out as a form of protest. These attacks, says the report, are not carried out for financial gain and ultimately pursue a single goal - that of tarnishing the reputation of the targeted organisation and destroying its public image.

Back on the smartphone trail, however, and Kaspersky's report cites data from IDC as showing that smartphone sales have now passed PC sales in the marketplace.

The growing popularity of the Android OS in the mobile market, says the study, may soon lead to a situation similar to that which exists in the PC domain.

"Given the possible future domination of the Android OS, cybercriminals may concentrate their efforts on writing malware for this platform rather than diluting their efforts across a number of different platforms. Such tactics will assist the cybercriminals in infecting the largest possible number of users mobile devices", the report notes.

"The protection of mobile devices is currently complicated by the fact that personal smartphones are often used to store and send confidential information belonging to the companies that users work for. At the same time, company employees tend to underestimate the importance of protecting data stored on such devices", the report adds.

What’s Hot on Infosecurity Magazine?