Sophos Details OS Vulnerabilities For Android And Apple
December 4, 2012

Sophos Details Vulnerabilities For Both Android And Apple Devices

Michael Harper for — Your Universe Online

Apple and Google may be at odds with one another, but according to a new report from Sophos, the two may have something quite dangerous in common. Before the smartphone boom, Windows was the primary computing platform and was found on an overwhelming majority of PCs. As yet, Apple has yet to come close to Window´s market share, yet they are becoming more popular. Similarly, Google´s Android is currently out-shipping Apple´s iPhone, making it a common choice for many smartphone users.

In their Security Threat Report for 2013, Sophos has now called Android “Today´s biggest threat,” as well as issuing a warning to those Mac toters who believe they are immune to malware attacks.

Now that Android has reached 52% of the mobile market share, Android has become an easy target for attackers. One report claims that Android is running on 3 out of every 4 devices sold worldwide. And Sophos even says that these attacks are rapidly increasing, calling their attempts “Unsophisticated, but profitable.”

“Today, the most common business model for Android malware attacks is to install fake apps that secretly send expensive messages to premium rate SMS services,” reads the report, which is freely available online.

“Recent examples have included phony versions of Angry Birds Space, Instagram, and fake Android antivirus products.”

Sophos says Andr/Boxer, a family of Android malware, is responsible for fully one-third of all Android malware attacks. This type of malware mainly affects Android users in Eastern Europe and gains access to their devices by promising users steamy pictures of attractive women. Once these users visit the site in search for the women, they´re encouraged to download an app, such as a false update to an existing app or a false anti-virus app.

Once these apps are installed, they begin sending expensive text messages, luring in even more Android users. Sophos has even discovered that Android users have been enlisted in a global botnet, running malicious code on the handset and reporting back to a remote Web site.

But 2012 wasn´t entirely kind to Mac users, either. Sophos quotes Forrester Research analyst Frank Gillette´s report which holds that nearly half of all enterprises are issuing Macs to their employees. While it was once considered more profitable to attack Windows, the recent boom in Mac sales has made the platform more attractive to attackers. In fact, Sophos says it now detects as many a 49,000 pieces of OS X malware on Macs. Sophos´ anti-virus software found 15 different pieces of Mac malware in one week in August.

This year only reaffirmed how the number of potential trojans and other viruses are available for Macs are on the rise.

This past spring, a single Flashback botnet was found to have infected some 600,000 Macs alone, some of which were located in Apple´s 1 Infinite Loop campus in Cupertino, California. This malware used a Java exploit to install itself on machines with a drive-by download, and Apple and Oracle released a fix for this exploit soon after it became widely known and had infected hundreds of thousands of machines.

Sophos has praised Apple´s new Gatekeeper feature, which by default blocks software not signed with an Apple developer key.

“Gatekeeper is a significant and welcome improvement in Mac security, but it is only a partial solution . Software copied from USB, already on the computer, copied directly between computers, or transferred by non-standard file transfer systems such as BitTorrent will evade it,” reads the Sophos report.

In the end, Sophos suggests educating Mac users about risks to their machines, as well as taking a heady dose of “realism,” understanding that not all Macs are safe and all Macs are vulnerable.