Last week we told you how to protect yourself from mobile malware. For people who want to go a step further and understand the threats your smartphone faces, we’re going to take a quick look inside the F-Secure Mobile Threat Report Q1 2012. What you’ll find is a Android landscape where threats are quickly maturing.
(You can download the whole report here.)
1. A vast majority of mobile malware is targeting the Android operating system.
New families and variants of Android malware keep cropping up each quarter, and this trend isn’t slowing down. In Q1 2011, 10 new Android malware families and variants were discovered. A year later, this number has nearly quadrupled. 37 new families and variants discovered in the first quarter of 2012 alone. In the first quarter of 2011, 139 malicious Android application package files (APKs) were identified. In the first quarter of that number grew to 3063.
2. If Android users stick to official Google marketplace Play, they should be fine for now.
F-Secure Labs has seen a handful of examples of bad apps popping up in the official Android Marketplace, which has now become Google Play. But these examples are extremely rare compared to the thousands and thousands of good apps available. Apps that you haven’t found inside an official marketplace and begin installing themselves on your phone are much more likely to be malicious.
3. Mobile malware developers are after your money and they’re increasingly sneaky.
We’ve now reached the era where the bad guys believe there is money to be made by invading your smartphone. A vast majority of Android malware is now profit motivated. And with money on their minds, criminals tend to step up their game. Malware authors craft their infected or trojanized applications to defeat anti-virus signature detection. They distribute their malware in different application names, and trojanizing versions of widely popular applications including the most popular app ever to come out of Finland—Angry Birds.
What’s especially sneaky about today’s malware is just how well it can hide itself.
F-Secure Labs Security Advisor Sean Sullivan explains: “Today what we’re seeing are malicious Android applications that have bundled legitimate apps such as Rovio’s Angry Birds Space. First the malicious “wrapper” tricks and manipulates the user into granting permissions that allow the malware to subscribe to premium rate services. But then… the malware actually dos install a working copy of the promised game. At this point there is little to be suspicious of and nothing to troubleshoot. The user gets the game that he was promised.”
How long might a user go without knowing he or she is infected? That remains to be seen.
[CC image by keith.bellvay]