August 28, 2013
Android OS Dominates Mobile Malware Share
Enid Burns for redOrbit.com – Your Universe Online
A US Department of Homeland Security memo from July that finds the Android OS holds 79 percent of the world's malware threats. The memo, "Threats to Mobile Devices Using the Android Operating System," concedes that "Android is the world's most widely used mobile operating system (OS) and continues to be a primary target for malware attacks due to its market share and open source architecture."
A persistent fragmentation problem is identified as part of the blame for the spread of malware on the Android platform, the Verge reports. The report states that 44 percent of Android users still use versions of Gingerbread, that is Android 2.3.3 through 2.3.7. Newer versions of Android exist, however handsets typically stay on the version of Android they are issued. A 2012 report showed that use of Gingerbread remained larger than Ice Cream Sandwich, a newer version of Android. Current data from Google shows Gingerbread has 33 percent of the share of Android devices, Ice Cream Sandwich powers 22.6 percent, and Jelly Bean is on 40.5 percent of Android devices.
Fragmentation of Android versions means that there are multiple platforms, which may not be updated regularly, that criminal hackers can exploit. The open source nature of Android, while it has its benefits, also becomes a weakness in that criminal hackers can easily modify programs to suit their needs.
Security threats come in three forms, as stated in the report: SMS or text messaging Trojans; rootkits; and fake Google Play Domains. SMS Trojans comprise almost half of the malicious applications. The software sends text messages to premium-rate numbers owned by criminal hackers, which racks up charges on the user's phone bill.
Rootkits are malware that operate much like malware on a PC. The malware tracks the user's locations, keystrokes and passwords just like a keystroke tracker on the PC.
Fake Google domains try to trick users into downloading infected apps by posing as Google Play, or another app store. The downloaded programs operate as rootkit malware.
The memo makes recommendations including installing an Android security suite designed to combat threats. To address rootkits, the memo recommends installing the Carrier IQ Test, a free application that can detect and remove the malicious software.
The Carrier IQ test app received early criticism, The Next Web reports. The app was used by carriers and handset makers as a "form of surveillance software." It was found that the app secretly tracked keystrokes and location, the exact actions that the Department of Homeland Security suggests the Carrier IQ test app will detect and remove.
The news that Android accounts for the highest malware rates is not a surprise. The Mobile Threat Report released by F-Secure in March finds that Android accounted for 79 percent of mobile malware last year, the same period that the Department of Homeland Security memo tracks. In April, a study released by NQ Mobile noted a surge in malware found on mobile devices. Malware increased by 163 percent in 2012.