Android Security Risks Increasing as Popularity Grows -- Redmondmag.com

Android Security Risks Increasing as Popularity Grows

By Keith Ward
10/11/2012

Android, which has seen the number of Trojans targeting the platform nearly triple in just the last three months, is being targeted by attackers as high levels due to its large install base. That's according to Kaspersky Labs, which reported that the number of malware programs for Android skyrocketed from just more than 5,000 in Q1 of 2012 to nearly 15,000 in Q2.

Those statistics, Kaspersky says, "...Points to the fact that more virus writers are changing gear and focusing more on developing malicious programs for mobile devices." And Android's huge popularity makes it the juiciest target.

This is parallels to Windows security threats, Kaspersky says, in which the large install base attracts a growing black market for malware distribution. Unlike the Apple Store or forthcoming Windows Store, Android users of both smartphones and tablets can go to outside sources for apps: "The main channels of distribution are unofficial online app stores and affiliate programs," Kaspersky says. Many of the third-party app stores are in Asia.

About half of the threat detections were "multi-functional Trojans" which steal data from phones, while a smaller but growing number -- 18 percent -- of threats are backdoors, giving the attackers full control of a phone. It can then become part of a mobile botnet network.

One of the most popular Android malware programs is "Zitmo", which is essentially a mobile version of the infamous Zeus banking malware. Zitmo presents itself as an app called Android Security Suite Premium.

Android is the most popular smartphone in the world by far, with nearly 60 percent of the market, according to Q1 figures that show Android with 59 percent marketshare, followed by iOS at 23 percent share.

That data is buttressed by a study from the Cloud Security Alliance, a non-profit that tracks risks to cloud computing. CSA reported on the top threats to mobile computing, and mobile malware was No. 2 on its list, after lost, stolen or decommissioned devices.

Of interest to developers is the No. 3 overall risk: poorly-written third-party apps. The study says that apps often request or secretly obtain more data than they need.

About the Author

Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.

Featured

What's Inside Microsoft 365's Security Toolbox?

Microsoft provides plenty of native tools to secure Microsoft 365. IT pros just have to know where to look.
Microsoft Kills 30-Day Data Retention Policy for Copilot in Fabric

Microsoft this week announced several usability improvements coming to Copilot in Fabric in preparation of its general availability release later this year.
Using Microsoft Office to Build a Network Diagram 2

Now that we've set up our process, let's dig in with the actual execution.
Microsoft Graph 'Activity Logs' Feature Goes Live

Microsoft announced the general availability of the "activity logs" capability in Microsoft Graph, giving administrators more options to track user activity and identify patterns of potential misuse.
Fallout from Microsoft's 'Midnight Blizzard' Saga Hits Feds

When the Russian attack group Midnight Blizzard successfully breached Microsoft corporate e-mail accounts late last year, it apparently managed to steal U.S. government agency e-mails, too.