March 8, 2013
Report Finds Android’s Share Of Mobile Malware On The Rise
redOrbit Staff & Wire Reports - Your Universe Online
Android accounted for 79 percent of all mobile malware last year, compared with 66.7 percent in 2011 and 11.25 percent in 2010, according to the latest Mobile Threat Report from security firm F-Secure.
“Android malware has been strengthening its position in the mobile threat scene. Every quarter, malware authors bring forth new threat families and variants to lure more victims and to update on the existing ones,” F-Secure said.
Meanwhile, Apple´s iOS remains one of the least compromised operating systems, with just 0.7 percent of all mobile malware occurring on its platform.
Windows Mobile, BlackBerry and J2ME each accounted for less than one percent of the total threat families in circulation last year, F-Secure said.
Symbian´s percentage of mobile malware fell to 19 percent in 2012, compared with 62.5 percent two years ago. However, this is primarily due to the platform´s plummeting market share after parent company Nokia decided to halt development in February 2012.
“As its market share declines, so does malware authors´ interest in the platform as evidenced by the statistics seen in Q4 where only four new families and variants of Symbian malware were recorded,” F-Secure said in its report.
“As old Symbian handsets continue to be replaced by those with other operating systems, especially Android, Symbian malware dies off and will probably go extinct in 2013.”
According to the report, Android´s share of mobile malware rose sharply in the fourth quarter of 2012, accounting for 96 percent of all attacks. Interestingly, all other platforms, with the exception of Symbian, did not appear to have any malware threat families received during that quarter, F-Secure said.
The rise of Android´s proportion of mobile malware can be largely attributed to the operating system´s increasing market share, which rose to 68.8 percent in 2012, compared with 49.2 percent in 2011. On the threat side, its share rose from 66.7 percent in 2011 to 79 percent in 2012, according to the report.
“Malware in general has a parasitic relationship with its host,” F-Secure said.
F-Secure said 66 percent of its detections were Trojans, malware disguised as something else. The security firm said it believes Google´s increased security prompts, introduced with Jelly Bean, should help reduce that figure in the future. However, according to Google´s latest distribution statistics, Android 4.2 is only at 1.6 percent, so it may be a while before we see any significant malware reductions as a result of the new security features.
F-Secure said 21 of the 96 Android threat variants came from premium SMS messages that promoted downloads, which can sometimes result in additional problems by way of subscription services to which users inadvertently become subscribed.
Users are often unaware of these problems until a charge shows up on their bill.
“Any tell-tale messages or notifications from these numbers and/ or services will be intercepted and deleted; therefore, the users will be completely unaware of these activities until the charges appear on their bills,” read the report.
In addition to SMS-sending malware, some malware authors or distributors may seek to profit through mobile banking Trojans such as Citmo, which made its debut in Q4 2012, F-Secure said. The malware steals the mobile Transaction Authentication Number (mTAN) that banks send via SMS to customers to validate an online banking transaction.
Using this number, it can then transfer money from the victims´ account and the banks will proceed with the transaction because it appears to be coming from the rightful account owner.
Schiller, SVP of Worldwide Marketing at Apple, wasted no time in responding to F-Secure´s report, taking to Twitter to tell his followers to “be safe out there,” while including a link to the report.