Report: 3,325% increase in malware targeting the Android OS

By Dancho Danchev

Which is the most targeted mobile operating system?

According to the recently released 2011 Mobile Threats Report from our partners at Juniper Networks, that’s the Android OS.

Key summary points from the report:

  • From 2010 to 2011, Juniper identified a 155 percent increase in mobile malware across all mobile device platforms.
  • In the last seven months of 2011, Juniper Networks Mobile Threat Center identified a 3,325 percent jump in malware targeting the Android platform.
  • 30% of all mobile applications have the ability to obtain device locations without the user’s consent.
  • 14.7% of all applications have the ability to make phone calls without the user’s consent.
Based on what data was this report compiled?
The Juniper MTC examined more than 790,000 applications and other vulnerabilities across every major mobile device operating system to inform the report.

The majority of malicious applications were found on secondary Android application markets, compared to obtaining them from the primary Android Market:

In 2011, we saw unprecedented growth of mobile malware attacks with a 155 percent increase across all platforms. Most noteworthy was the dramatic growth in Android Malware from roughly 400 samples in June to over 13,000 samples by the end of 2011. This amounts to a cumulative increase of 3,325 percent. Notable in these findings is a significant number of malware samples obtained from third-party applications stores, which do not enjoy the benefit or protection from Google’s newly announced Android Market scanning techniques.

What’s the most popular propagation vector? As always, that’s social engineering attacks — in this case, fake installers:

Fake Installers trick victims into unknowingly paying for popular applications that are normally free but have been pirated by the attackers. Victims are tricked into agreeing to terms of service of pirated applications that then send profits via premium SMS messages to the scammers. While these attacks don’t lead to complete financial ruin, they have the promise of making attackers a tidy profit a few dollars a time.

What’s the most popular malware type detected by Juniper Networks? According to its report that’s spyware applications, accounting for 63% of the total malware samples. Spyware applications can capture and unknowingly transmit data such as the GPS coordinates of the victim, text messages or the browser’s history.

Next to spyware applications, SMS trojans accounted for 36% of the total malware sample. SMS Trojans automatically and silently sent premium-rate SMS messages, with the malicious attackers earning a commission thanks to their participation in an affiliate network.

Thankfully, Webroot’s diversified portfolio of market propositions, has already released on the market applications aiming to protect end and corporate users from mobile  threats like the ones covered in Juniper Network’s report.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

7 thoughts on “Report: 3,325% increase in malware targeting the Android OS

  1. Pingback: An Evolution of Android Malware “My How You’ve Grown PJAPPS!” (Part 1) « Webroot Threat Blog

  2. My girlfriend had a HTC EVO 4G which was bricked and will not boot at all. It looks like something rooted the phone from android 2.3 to android 1.0 I think that it had to do with a Texas Holdem game or a app telling her that she had won a prize. It seems as if this is irreversable.

  3. Pingback: Malicious version of Angry Birds Space spotted in the wild | ZDNet

  4. Pingback: Malicious version of Angry Birds Space spotted in the wild

  5. Pingback: About : Malicious version of Angry Birds Space spotted in the wild New 2012 - Android Apps News

  6. Pingback: Cyberciminals launch managed SMS flooding services « Webroot Threat Blog

  7. This is really interesting, You are an overly skilled blogger.
    I have joined your rss feed and look forward to looking for more of your magnificent post.
    Additionally, I have shared your website in
    my social networks!

Join the Conversation

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s