97% of Mobile Threats Targeted Android Devices in 2013
The device platform also saw a large increase in malware motivated by profit.
According to a mobile security report that for the second half of 2013, 804 new families or vulnerability variants discovered were targeted at Google's mobile OS platform during that period.
Security research firm F-Secure Labs, which released its findings in this week's Threat Report H2 2013, said that due to Google's huge market share in the mobile OS landscape, most attackers don't see other platforms being worth the effort when creating new security risks.
"For mobile platforms, the continued dominance of the Android operating system makes it almost the exclusive target for mobile threats we've seen this period," read the report. "Though the relatively low number of vulnerabilities found in Android makes the operating system itself difficult to attack, this security is largely circumvented by the relative ease with which malware authors can provide their 'products' and dupe users into installing it on their own devices, with the necessary permissions to straightforwardly use the device (and the user's data) for the attacker's own benefit."
The challenge to curb Android malware, the report read, comes from the "fragmented nature" of the Android OS -- multiple versions running on multiple devices -- makes it difficult for Google to have a comprehensive uniform security policy. This leave device security up to the users and, with the relatively low number of actual Android vulnerabilities (only seven were discovered in 2013), attackers are finding success by tricking users into downloading malware.
The most popular attack vector used is hiding malware in legitimate apps, especially popular casino and gaming applications. Typically the malware will be distributed on non-secure app markets and will usually contain the name of a 'clean' app that could be found on Google's secure Play app marketplace. These harmful apps will then usually include increased permission settings that will allow the app to either send and receive harmful SMS message or connect directly to a botnet server.
While harmful apps still continue to make up the majority of Android-based malware, F-Secure also saw a rise in malware distribution through fraudulent pop-up ads that typically warn users that their devices is infected in a technique called rogueware that has been used by PC attackers for years. Once the ad is clicked, the user is redirected to download malware in disguise as a device cleaner.
"Whether repackaged or faked, the counterfeit app can be made to contain any kind of malicious routine," said F-Secure. "For example an often-seen inclusion is simple, limited functionality to silently send SMS messages that fraudulently force the user to pay for an app that should actually be free."
The report found that the most popular repackaged apps include Candy Crush Saga, Clash of Clans, DoubleDown Casino and Slotmania.
According to the report, Saudi Arabia looks to be the top destination for those wanting malware on their Android device. The country accounted for 42 percent of all malware detections in the second half of 2013, with India coming in second (33 percent), followed by the United States (5 percent).
Another interesting figure from F-Secure's report was the explosion of Android-based malware and attacks motivated by profit in 2013. Based on a count of samples viewed by the security firm, 657 unique for-profit. That's more than triple the amount of 2012's total of 201.
As for the other mobile OS platforms, no malware was recorded to hit Windows Phone, Blackberry and iOS devices.