News

Android Security Risks Increasing as Popularity Grows

Android, which has seen the number of Trojans targeting the platform nearly triple in just the last three months, is being targeted by attackers as high levels due to its large install base. That's according to Kaspersky Labs, which reported that the number of malware programs for Android skyrocketed from just more than 5,000 in Q1 of 2012 to nearly 15,000 in Q2.

Those statistics, Kaspersky says, "...Points to the fact that more virus writers are changing gear and focusing more on developing malicious programs for mobile devices." And Android's huge popularity makes it the juiciest target.

This is parallels to Windows security threats, Kaspersky says, in which the large install base attracts a growing black market for malware distribution. Unlike the Apple Store or forthcoming Windows Store, Android users of both smartphones and tablets can go to outside sources for apps: "The main channels of distribution are unofficial online app stores and affiliate programs," Kaspersky says. Many of the third-party app stores are in Asia.

About half of the threat detections were "multi-functional Trojans" which steal data from phones, while a smaller but growing number -- 18 percent -- of threats are backdoors, giving the attackers full control of a phone. It can then become part of a mobile botnet network.

One of the most popular Android malware programs is "Zitmo", which is essentially a mobile version of the infamous Zeus banking malware. Zitmo presents itself as an app called Android Security Suite Premium.

Android is the most popular smartphone in the world by far, with nearly 60 percent of the market, according to Q1 figures that show Android with 59 percent marketshare, followed by iOS at 23 percent share.

That data is buttressed by a study from the Cloud Security Alliance, a non-profit that tracks risks to cloud computing. CSA reported on the top threats to mobile computing, and mobile malware was No. 2 on its list, after lost, stolen or decommissioned devices.

Of interest to developers is the No. 3 overall risk: poorly-written third-party apps. The study says that apps often request or secretly obtain more data than they need.

About the Author

Keith Ward is the editor in chief of Virtualization & Cloud Review. Follow him on Twitter @VirtReviewKeith.

Featured

  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.