Android app users playing Russian roulette with malware
Google’s mobile operating system most likely to be target of attacks, research finds.
Mobile malware has grown 614 per cent in the 12 months to March 2013, with Android smartphones and tablets most at risk.
According to research, carried out by Juniper Networks for its third annual Mobile Threat Report, the amount of malware aimed at Google's Android mobile operating system has grown from 24 per cent of all mobile malware in 2010 to 92 per cent in March 2013.
Additionally, the company highlighted Google statistics showing only four per cent of Android phone users have the latest version of the platform installed on their devices.
This, the company suggests, leaves the majority of Android phone owners open to attack through vulnerabilities that have been closed off in later updates.
Henrik Davidson, director of sales for EMEA at Juniper Networks, said the market for malware is sucking talent from the legitimate field of IT security and luring them into the online black economy.
"Basically, it is a profitable business," he told IT Pro. "It is an easy way for a lot of people to make money in a simple way without risking getting caught or sentenced for a crime."
This is because many of the malwares involved are FakeInstallers or SMS Trojans that exploit holes in mobile payment systems, tricking people into sending SMS messages to premium-rate numbers set up by the attackers or redirecting them to premium websites.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
In many cases, users do not even realise they are sending these messages until they get their monthly statement, as an app is doing it silently in the background.
"With that in mind, you can sit at home and make a lot of money by making people visit these sites and send these messages," Davidson said.
As well as draining the security talent pool, thanks to the bring your own device (BYOD) trend this can present a problem for organisations as well, because malware can come into the corporate environment through an employee's phone or tablet.
Asked why he felt the Android platform was proving to be particularly vulnerable, Davidson speculated that it is because the Apple App Store marketplace was much more heavily regulated.
With regard to Windows Phone, Android's second main competitor, Davidson suggested it lags so far behind the others in terms of popularity it is not worth cyber criminals targeting it.
Davidson suggested that in order to combat this at a corporate level, companies need to ensure they offer properly secure, but easy-to-use corporate apps for their employees to prevent them downloading things they may believe will make their life easier, but are actually malware.
Jane McCallion is ITPro's Managing Editor, specializing in data centers and enterprise IT infrastructure. Before becoming Managing Editor, she held the role of Deputy Editor and, prior to that, Features Editor, managing a pool of freelance and internal writers, while continuing to specialize in enterprise IT infrastructure, and business strategy.
Prior to joining ITPro, Jane was a freelance business journalist writing as both Jane McCallion and Jane Bordenave for titles such as European CEO, World Finance, and Business Excellence Magazine.