Mobile malware authors 'almost exclusively' focused on Android in 2013, says Symantec
Attackers continue to target Android more than any other mobile operating system, according to a new report released Tuesday, as Google's platform played host to all but one of the new mobile malware families discovered last year.
Microsoft's Windows Phone was the subject of the lone non-Android malware discovery, while Apple's iOS escaped the year unscathed. The data was revealed by Symantec as part of the company's annual internet security threat report.
The various app stores -- both official and third-party -- available to Android users continue to represent the platform's biggest weakness. A Remote Administration Tool, or RAT, appeared last summer, for instance, in a number of apps on the Google Play store.
To highlight those app stores' vulnerability, Symantec specifically called out "the release of an instant messaging application by a well-known smartphone vendor on the Android platform," likely referring to BlackBerry's BBM. "Attackers in turn took advantage of the popularity of the new app and released a variety of counterfeit versions bundled with adware. These apps were quickly removed from the Android marketplace, but not before accumulating a large number of downloads," they added.
Still other threats masqueraded as legitimate apps. Android.Fakedefender purported to be a malware scanning app which was itself a trojan, extorting users to pay for the removal of other, nonexistent viruses that it claimed to have discovered after a system scan.
Android has also been subject to increasingly sophisticated attacks as its installed base grows, the report said. Malware authors have begun to branch out from simply attempting to steal users' personal information to attacks traditionally seen on desktop operating systems, including hybrid campaigns that target both Android devices and PCs.
"The attraction of the mobile environment to attackers is clearly based on the size and growth rate of the user base today," the report reads. "Yet it's also based on the amount of personal information that's easily attainable once an attacker is on the device. With the right permissions the device's phone number, GPS coordinates, camera, and other information become readily available."
Microsoft's Windows Phone was the subject of the lone non-Android malware discovery, while Apple's iOS escaped the year unscathed. The data was revealed by Symantec as part of the company's annual internet security threat report.
The various app stores -- both official and third-party -- available to Android users continue to represent the platform's biggest weakness. A Remote Administration Tool, or RAT, appeared last summer, for instance, in a number of apps on the Google Play store.
To highlight those app stores' vulnerability, Symantec specifically called out "the release of an instant messaging application by a well-known smartphone vendor on the Android platform," likely referring to BlackBerry's BBM. "Attackers in turn took advantage of the popularity of the new app and released a variety of counterfeit versions bundled with adware. These apps were quickly removed from the Android marketplace, but not before accumulating a large number of downloads," they added.
Still other threats masqueraded as legitimate apps. Android.Fakedefender purported to be a malware scanning app which was itself a trojan, extorting users to pay for the removal of other, nonexistent viruses that it claimed to have discovered after a system scan.
Android has also been subject to increasingly sophisticated attacks as its installed base grows, the report said. Malware authors have begun to branch out from simply attempting to steal users' personal information to attacks traditionally seen on desktop operating systems, including hybrid campaigns that target both Android devices and PCs.
"The attraction of the mobile environment to attackers is clearly based on the size and growth rate of the user base today," the report reads. "Yet it's also based on the amount of personal information that's easily attainable once an attacker is on the device. With the right permissions the device's phone number, GPS coordinates, camera, and other information become readily available."
Comments
Attackers continue to target Android more than any other mobile operating system...
Why? Because when something is made out of shit, it tends to attract the flies.
Google issues security upgrades to all 17 of its variations of Android. Also, these viruses mostly do *not* affect the 3.9% of Android users who have Google's latest Android OS.
...but not on known infections. Aiming for a target is not the same as hitting it.
This is just fucking Gold:
http://www.neowin.net/news/the-1-paid-app-in-the-google-playstore-virus-shield-is-a-complete-scam
Wow. I mean, wow.
I tend to agree. Android is
lovedused by the vast majority of smartphone users.Suppose it takes 40hr of coding time to produce a piece of malware for all the Android variants out there, and it brings you $10,000 in ultimate global revenue. It's been established that developing an app for iOS is less than half the effort of developing for Android, so the same hacker could instead spend his 40hr of coding time to produce TWO legitimate apps for iOS, reap twice the revenue, and NOT have Interpol chasing him. Seems like a no-brainer. Perhaps this is why there is less malware for iOS?
Ha!
For $3.99, you get to see the image on the left turn into the image on the right
I think the icon on the left is for Android, the one on the right for iOS, without having to buy an app at all.
[LIST]
[*] http://www.loopinsight.com/2014/04/07/open-totally-wins/
[/LIST]
edit: Dammit! Pipped by [@]Slurpy[/@].
You know what I'm talking about.
Don't worry, there are plenty of logical fallacies that can be applied to insuring that Android wins every time.
But apparently that was never true!
Follow the money: malware writers are doing this because it works.
Search for "android botnet" for a fun time.
Cue the "It's easy to avoid viruses: just buy your apps only from Google's walled garden."
You know what I'm talking about.
Apparently in Android land you can both have the cake AND also eat it.
And also. Android users are apparently *much* smarter so they just know by default what they should and should not install on their phones so It's basically all moot. "No issues" as a colleague of mine says all the time.
At least Android users are paying for protection¡
edit: Dammit! Pipped by @Slurpy.
To be fair, that app wasn't malware. It is a scam though which needs to be addressed.
comb. form
1 in an unpleasant degree: malodorous.
2 in a faulty manner: malfunction.
• in an improper manner: malpractice.
• in an inadequate manner: malnourishment.
3 not: maladroit.
I classify any scam SW as bad, especially if the scam is to tell you your system is safe.
Fooling people to give you money is malicious, and it was done using software. IMO it's the epitome of malware.
Fooling people to give you money is malicious, and it was done using software. IMO it's the epitome of malware
I'm assuming most people identify malware as stealing information through exploiting security flaws. By your definition, in-app purchases for kids focused apps that don't require password protection for every purpose can be considered malware.
edit:
The scam was through purchasing a product. It just happened that the product was software. If I bought software off of ebay and the software failed to activate, does that make ebay malware?
Android is basically synonymous with malware.
Android is winning all right.
" src="http://forums-files.appleinsider.com/images/smilies//lol.gif" />