The amount of malicious software (read: malware) targeting Android devices jumped 37% between late June and late September, according to the digital security company’s third-quarter threats report. Following a previous quarter of spiking threats against Android devices, McAfee said 2011 is on track to be the busiest year in mobile malware history.
All new mobile threats identified by McAfee during Q3 were specifically designed to target Android users, the report said. Android’s popularity among cyber criminals has been growing in parallel to its popularity among consumers as hackers seek the largest possible group of victims.
Last week, communications equipment maker Juniper Networks Inc. identified what it called an “exponential” increase in Android malware over the last few months, noting 472% growth malicious software samples since July. Accelerating attacks against Android led Juniper to say “the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform” in a Nov. 15 blog post.
“We’re seeing a mix of the traditional hacking community [working] on malware very similar to organized efforts on the PC side, as well as people who are just a little smart, the ’15-year-old kid crowd,’ who are able to hide some malicious content in an app,” Dan Hoffman, Juniper’s chief mobile security analyst, explained in an interview with ITbusiness.ca on Monday.
Far more attack apps have appeared in Chinese app stores that distribute Android software, Mr. Hoffman said.
Most of the new threats came in the form of apps on Google’s Android Market disguised as benign programs that secretly record and transmit a user’s activities once downloaded in hopes of obtaining sensitive financial information. However, the McAfee report also noted a rise in what many would consider an even deeper privacy invasion: malware capable of recording and transmitting phone calls.
“Two examples are Android/NickiSpy.A and Android/GoldenEagle.A — both of which record user conversations and forward them to the attacker,” reads an excerpt from page four of the report.
“Attackers can’t be sure that the first one or two calls have the information they seek, so these malware remain on the devices for extended periods without being detected; that’s a very persistent threat indeed!”
Researchers blame Google’s lax approval process of new Android apps in addition to the platform’s general popularity as the reason for the dubious honour. As the following excerpt from Juniper’s blog post explains, the process of removing an allegedly malicious app from the Android Market is reactionary based on user complaints and therefore open to sustained vulnerability.
0 komentar:
Post a Comment