Sean Dolan (UK) - Android: The Latest Target for Mobile Malware

What happens when anyone can develop and publish an application to the Android Market? The answer is a 472% increase in Android malware samples since July 2011. Last year Juniper Networks’ annual Malicious Mobile Threats Report noted exponential growth in Android malware as cybercriminals continue to get away with it all too easily, with October and November shaping up to see the fastest growth in Android malware in the history of the platform.

Today, the majority of malicious applications target an individual’s personal information, communications and location, on both business and consumer devices. In addition to an increase in the volume of malware, the attackers continue to become more sophisticated in the malware they write. For instance, earlier this year Juniper began seeing Android malware that was capable of leveraging one of several platform vulnerabilities where it could then gain root access onto devices and run in the background. It would then install additional packages to the device to extend the functionality of the malware and gain access to the user’s personal information.

Just about every piece of malware that is released today contains such capabilities, simply because the vulnerabilities remain prevalent in nearly 90% of Android devices, which users are usually oblivious to.

How are they getting away with it? Well, it’s quite simple. All cybercriminals need is a developer account, which is relatively easy to anonymize, you pay around £16 and you can post your application. There are no upfront review processes, nobody checks to see whether your application does what it says - just the world's largest majority of smartphone users skimming past your application page with whatever written description the developer chooses to include. The application can of course be removed, but usually only once it’s too late.

So who is writing these apps? Juniper believes it’s the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions of Windows Mobile. They shifted to Android given that it has gained significant market share when compared to these legacy platforms.

The main reason for the malware epidemic on Android is because of the approach it takes to police their application stores. Android’s open applications store model, which lacks code signing and the application review process that Apple requires, makes it easy for attackers to distribute their malware. There is still no upfront review process in the official Android Market that offers even a hint of a challenge to malware writers that their investment in coding malware will be worthless. Until a tried and tested process comes into play Android will remain the target of mobile malware writers around the world.

By Sean Dolan, SVP (EMEA), Juniper Networks.


« Kathryn Cave (Africa) - African iPad Business Trends


Igor Kravchenko (Russia): How e-Government is Making Russian IT Companies More Competitive »


Do you think your smartphone is making you a workaholic?