Android Malware Surge Needs Vendor Action, Says Report

Total Defense, a malware detection and anti-crimeware specialist, has revealed in a new report that the surge in malware targeted at Android devices has surpassed the Android operating system’s rise in market share.

The “2011 Internet Security Threat Intelligence Report” reveals that, in total, more than 25 times more Android Malware was identified in 2011.

Malware Identified

The study identified and analysed the most notorious Android malware in 2011 that used social engineering tricks to lure users, such as AndroidOS/Foncy, a Short Message Service (SMS) Trojan that differentiates itself from others in this category by choosing different destination message centres based on country code and AndroidOS/Dogowar, a Trojan created by malware authors socially motivated to stop animal cruelty.

Other malware cited in the report includes AndroidOS/Fakeneflic.A, a Trojan belonging to the InfoStealer category that tricks users by disguising itself as popular software that requires log-in credentials. If the user is successfully tricked, the entered credentials will be posted to a hosted Website. AndroidOS/WalkSteal.A, a unique SMS Trojan created with the intention to “teach” a lesson to the users who are interested in using pirated applications, was also cited, as well as AndroidOS/FakePlayer.A, an SMS Trojan that uses a familiar social engineering trick of disguising itself as a media player. When executed, it sends four SMS texts to a premium number.

One final piece of malware also showed up in the study, AndroidOS/Golddream.A, a Trojan that disguises itself as gaming applications whereupon it monitors and records information about incoming/outgoing calls, incoming SMS communications in plain text files that are uploaded to a hard-coded URL.

“This past year can be viewed as the year of Android malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform,” said Paul Lipman, CEO at Total Defense. “The rise of Android malware opens up an interesting debate about security architectures and the merits of open versus closed systems. While users have the ability to install any code, from anywhere, the problem is that criminals see this as an advantage, too.”

The report also details that the movement toward the “app-paradigm,” whereby PCs become more appliance-like and only authorised applications can be installed and run, can dramatically decrease the attack surface for digital devices.

Vendor Action

The Total Defense research team suggested major platform vendors can do more.

Microsoft can lock down Windows 8 to a greater extent on the PC by enticing more Metro App development, and Google can better secure Android Apps by offering certified applications via their Android Marketplace.

“The malware landscape is changing at a rapid pace with cyber-criminals producing new malware variants at an exponential rate,” said Lipman. “The proliferation of consumer digital devices for convenient Internet access, coupled with our global socioeconomic climate, continues to serve up a perfect storm for online criminal activity. Our goal is to empower end-users with solutions that can provide them complete protection in this dangerous digital world.”

In addition, the report chronicles the acts of hacktivism that have transpired over the past year, including activity by well-known groups LulzStorm, Anonymous and LulzSec. The report covers specific activity around organised crimeware, including the high-profile, successful takedowns of the large-scale DNS-Changer, Rustock and Coreflood Botnets, as well as the arrest of the co-founder of ChronoPay, a Russian online payment processor, which processed the sales of leading FakeAV.

While law enforcement and cloud security controls have put a dent in large-scale malware attacks in 2011, threats remain extremely high, the report concluded.

How well do you know Internet security? Try our quiz and find out!

Nathan Eddy

Nathan Eddy is a contributor to eWeek and TechWeekEurope, covering cloud and BYOD

Recent Posts

Vodafone Germany Confirms 2,000 Job Losses, Amid European Restructuring

More downsizing at Vodafone after German operation announces 2,000 jobs will be axed, as automation…

16 hours ago

AI Poses ‘Jobs Apocalypse’, Warns Report

IPPR report warns AI could remove almost 8 million jobs in the United Kingdom, with…

17 hours ago

Europe’s Longest Hyperloop Test Track Opens

European Hyperloop Center in the Netherlands seeks to advance futuristic transport technology, despite US setbacks

17 hours ago

NHS Scotland Confirms Clinical Data Published By Ransomware Gang

NHS Dumfries and Galloway condemns ransomware gang for publishing patients clinical data after cyberattack earlier…

19 hours ago

Fewer People Using Twitter After Musk Takeover – Report

Research data suggests fewer people are using Elon Musk's X, but platform insists 250 million…

22 hours ago

Julian Assange Wins Temporary Reprieve For US Extradition Appeal

US assurances required. Julian Assange handed a slender reprieve in fight against his extradition to…

24 hours ago