As Android Market Share Grows, So Does Android Malware

Malware detection and anti-crimeware solutions specialist Total Defense, Inc. announced the findings of its 2011 Internet Security Threat Intelligence Report, which indicates Google Android’s rise in market share was only surpassed by the amount of malware targeted at Android devices. In total, over 25 times more Android Malware was identified in 2011. The Threat Intelligence Report identified and analyzed the most notorious Android malware in 2011 that used social engineering tricks to lure users, such as AndroidOS/Foncy, an SMS-Trojan that differentiates itself from others in this category by choosing different destination message centers based on country code and AndroidOS/Dogowar, a Trojan created by malware authors socially motivated to stop animal cruelty.

Other malware cited in the report includes AndroidOS/Fakeneflic.A, a Trojan belonging to the InfoStealer category that tricks users by disguising itself as popular software that requires login credentials. If the user is successfully tricked, the entered credentials will be posted to a hosted website. AndroidOS/WalkSteal.A, a unique SMS-Trojan created with the intention to teach a lesson to the users who are interested in using pirated applications, was also cited, as well as AndroidOS/FakePlayer.A, an SMS-Trojan that uses a familiar social engineering trick of disguising as a media player. When executed, it sends four SMS messages to a premium number.

One final piece of malware also showed up in the report, AndroidOS/Golddream.A, a Trojan that disguises itself as gaming applications where upon it monitors and records information about incoming/outgoing calls, incoming SMS messages in plain text files that is uploaded to a hardcoded URL

“This past year can be viewed as the year of Android malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform,” said Paul Lipman, CEO at Total Defense. “The rise of Android malware opens up an interesting debate about security architectures and the merits of open versus closed systems. While users have the ability to install any code, from anywhere, the problem is that criminals see this as an advantage too.”

The report also details that the movement toward the App-Paradigm, whereby PCs become more appliance-like and only authorized applications can be installed and run, can dramatically decrease the attack surface for digital devices. The Total Defense research team suggested major platform vendors can do more Microsoft can lock-down Windows 8 to a greater extent on the PC by enticing more Metro App development and Google can better secure Android Apps by offering certified applications via their Android Marketplace.

“The malware landscape is changing at a rapid pace with cyber-criminals producing new malware variants at an exponential rate,” said Lipman. “The proliferation of consumer digital devices for convenient Internet access coupled with our global socio-economic climate continues to serve up a perfect storm for online criminal activity. Our goal is to empower end-users with solutions that can provide them complete protection in this dangerous digital world.”

In addition, the report chronicles the acts of hacktivism that have transpired over the past year, including activity by well-known groups LulzStorm, Anonymous and LulzSec. The report covers specific activity around organized crimeware, including the high-profile, successful take-downs of the large-scale DNS-Changer, Rustock and Coreflood Botnets, as well as the arrest of the co-founder of ChronoPay, a Russian online payment processor, which processed the sales of leading FakeAV. While law enforcement and cloud security controls have put a dent in large scale Malware attacks in 2011, threats remain extremely high, the report concluded. 

To read the original eWeek article, click here: Android Devices Highly Targeted by Malware: Report