Skyrocketing mobile malware in 2012: Android infections surge by 100%
Increase in Mobile Malware on Android Unveiled
A press release by NQ Mobile on Monday revealed startling findings about the rise in mobile malware attacks on Android devices from 2011 to 2012. According to the data from NQ's global malware database and mobile landscape scans, the number of malware attacks more than doubled, with over 32.8 million Android devices infected last year, compared to 10.8 million in 2011.
The significant increase was mainly caused by the rising popularity of Android devices, the openness of the Android ecosystem, and the exploitation of security vulnerabilities. Mobile malware authors increasingly repackaged legitimate apps with malicious code and targeted users through third-party app stores and risky links.
Causes
The open Android platform, allowing third-party app installations outside the official Market, made it easier for malware to spread through unofficial channels, especially in regions where Google Play was blocked. Use of root exploits, like those exploited by Android/DrdDream to gain device control and evade detection, also played a significant role. Repurposing and repackaging of legitimate apps with malicious code, phishing vectors, and limited awareness and early-stage mobile security solutions in 2011-2012 also contributed to the exponential rise in threats.
Countermeasures
Countermeasures evolved quickly to include app market policing, remote kill-switches, dedicated security tools, and user awareness campaigns. Google removed malicious apps from the official Android Market and suspended offending developer accounts. Remote uninstallation of infected apps and deployment of security tools like the "Android Market Security Tool" were also implemented to clean devices. Security applications by carriers and vendors, like Verizon Mobile Security combining Asurion and McAfee technologies, targeted threats on Android phones. User education focused on cautious app installation, scrutinizing app permissions, and vigilance against unusual device behavior.
Regional Impact
In 2012, Russia had 17.9% of infected mobile devices, India had 19.4%, China had a quarter, the US had 9.8%, and Saudi Arabia had 9.6% of infected mobile devices. There were also increased collaborations between mobile hackers and cyber criminals, with malware being used to capture consumers' private information and sell it to cybercriminals.
Platform Targeting
Android was the most targeted mobile platform for malware in 2012, with 95% of all infections discovered on the platform. The fragmented nature of Google's mobile platform was cited as a continued malware risk.
NQ Mobile's co-CEO, Omar Khan, stated that the current 'discover-first-and-inoculate-second' strategy in the security industry is no longer enough, and there is a need for smarter systems that can discover threats before they infect consumers. Khan emphasised the need for a proactive approach to mobile security to protect users from the growing threat of mobile malware.
- The openness of the Android ecosystem and the exploitation of security vulnerabilities, as noted in the increase in mobile malware attacks, are major issues in cybersecurity, particularly concerning technology for mobile devices.
- As mobile malware authors increasingly repurpose and repackage legitimate apps with malicious code, it becomes crucial to prioritize technology advancements in cybersecurity, specifically focusing on proactive solutions to detect threats before they infect consumers.
