Report: Mobile Malware Increasing, Android Worst Offender

Stephen Yagielowicz

LOS ANGELES — A recent report is revealing startling statistics underscoring the meteoric growth of malware targeting the Open Source Android mobile operating system.

The darling of adult app developers seeking a less-restrictive arena for the marketing of their wares, the primary strength of the Google-backed Android platform from an adult industry perspective is its inherent freedom — an Open Source hallmark — that in this case, extends beyond coding and content, to ease of distribution.

Unfortunately, the same advantages that the platform presents to adult operators are also those sought by malware distributors.

“What happens when anyone can develop and publish an application to the Android Market?” asks the Juniper Global Threat Center, authors of the highly respected annual Malicious Mobile Threats Report, which measured a whopping 472 percent increase in Android malware samples since July of 2011.

This increase follows Juniper’s findings of a 400 percent rise in Android malware from 2009 until the summer of 2010. 

According to Juniper, the firm has seen exponential grow in Android malware during the past several months — with October and November expected to see the most rapid growth in Android malware in the platform’s history.

For examples of this stratospheric upswing, Juniper reports that malware increased by 28 percent in September, by 110 percent in October, and by 171 percent since July.

“These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications,” a Juniper spokesperson stated. “With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of Smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include.”

While Juniper notes that applications can be removed after publication, this process depends upon the app being identified as the source of a specific malware threat that is then actually reported, creating a numbers game for malware developers who count on substantial numbers of installations before the problem is identified in the wild. 

It’s not just the volume of attacks that should worry users — but their sophistication.

“[We’ve begun] seeing Android malware that was capable of leveraging one of several platform vulnerabilities that allowed malware to gain root access on the device, in the background, and then install additional packages to the device to extend the functionality of the malware,” the Juniper rep explained. “Today, just about every piece of malware contains this capability … using it to gain privilege escalation on the device in order to gain access to data and services that wouldn’t otherwise be available.”

The report finds that these attacks center on communications, location and personally identifying information, with more than 55 percent of known Android malware acting as spyware in one form or another.

“The other major type of attack, which makes up 44 percent, is SMS Trojans, which send SMS messages to premium rate numbers owned by the attacker in the background of a legitimate application, without the person’s knowledge,” the Juniper report declares. “Once these messages are sent, the money is not recoverable, and the owners of these premium rate numbers are generally anonymous.”

While such eye-opening figures may make one question whether or not Apple’s iOS is less secure than Android, Juniper is quick to point out that it’s not necessarily because of any underlying security vulnerabilities in the platforms themselves — but in how apps and content restriction policies are dealt with throughout the distribution chain.

“The main reason for the malware epidemic on Android is because of different approaches that Apple and Google take to police their application stores,” the Juniper rep explains. “Android’s open applications store model, which the lacks code signing and an application review process that Apple requires, makes it easy for attackers to distribute their malware.”

“There is still no upfront review process in the official Android Market that offers even the hint of a challenge to malware writers that their investment in coding malware will be for naught,” the Juniper report concludes.

For adult app developers, solving the Android malware problem may also close down one of the mobile market’s most profitable distribution channels — or at least make it as challenging as the iOS arena.