McAfee Singles Out Android for Malware Problems
It would appear that Google's unfortunately lax approach to vetting apps submitted to the Android store is counting heavily against the platform, as McAfee have released figures showing it is now becoming the biggest target for malware writers.
Nokia's now mostly retired Symbian operating system still sits in a resounding first place with just under three quarters of all malware, but Android now has a malware problem that is growing exponentially according to the security company's quarterly threats report...
Last quarter the Android mobile operating system (OS) became the most “popular†platform for new malware. This quarter Android became the exclusive platform for all new mobile malware. The Symbian OS (for Nokia handsets) remains the platform with the all-time greatest number of malware, but Android is clearly today’s target.
They say that SMS-sending trojans are still the biggest threat but that trojans that record phone calls to steal sensitive information are now beginning to appear.
While Google's problems with malware on their Android platform are well known it should be pointed out that this report makes no mention at all of either Apple's iOS, Microsoft's Windows Phone or RIM's Blackberry apps security. It is odd that the chart they provide doesn't single out these operating systems at all, merely referring to "Others" at around 10% of the malware problem.
Ten percent of all smartphone malware however is still a huge issue and assuming that 10 percent is split equally three ways (which is just an assumption to highlight a point), while it would only be about 16% of the total malware available for Android, we're still talking about huge numbers indeed.
Mobile malware is a continuing problem and one I highlight as often as I can. The reason for this being that this malware can cost you real money in premium rate texts or other mobile charges that can't occur on your PC. It's entirely within the gift of your mobile operator as to whether they will refund such costs, but as the mobile malware problem escalates it will become more and more likely that operators will simply blame the user for downloading and installing the malware (which is fair to be honest) and refuse to issue any credits.
As the introduction to the report the company says...
The third quarter of 2011 offered its fair share of noise and signal: Malware continues to be produced daily at high levels, but we often miss its sophistication—which lies buried beneath the big numbers. McAfee Labs saw some significant increases this quarter in stealth malware techniques, often referred to as rootkits, especially from the TDSS family. We also observed the continued emphasis on mobile malware, specifically targeting the Android operating system. In fact, this quarter Android was the sole target of mobile malware writers. A true portent indeed!
Unfortunately the mobile malware problem generally is receiving precious little widespread publicity. While IT Enthusiasts might be increasingly aware of the need to install an anti-virus package on their handsets, the bulk of consumers will still see the their smartphones as embedded OS devices that will just work in the way their TV or toaster does. They won't necessarily see it as a device that can be infected and compromised.
While the report is clearly intended to shock, without the exact figures for iOS, Windows Phone and Blackberry's being released it is hard to guage overall how bad the problem is and to make a judgement over how much more of a target Android is over the next platform.
Advertisement
So, scare users to subscribe to McAfee, download some viruses to launch if they dare allow their subscription lapse. Sounds like a scam to me.
Have comments been disabled for this article?
Well this article is at least a little less biased than the last article you wrote on the subject of Android malware: https://www.ghacks.net/2011/11/13/free-android-anti-virus-apps-are-proved-useless/
“While the report is clearly intended to shock, without the exact figures for iOS, Windows Phone and Blackberry’s being released it is hard to guage overall how bad the problem is and to make a judgement over how much more of a target Android is over the next platform.”
A shock article about a shock article…
Well, of course, as has always been the case, malware authors tend to think exactly like middle eastern terrorists in the sense that they’re really only interested in doing the greatest amount of damage to the highest possible number of people with the least amount of work. That’s why most malware on desktop/laptop (and now slate/tablet) computers has always been on Windows OS machines….
…to the point that Mac users ignorantly proclaimed the Mac OS invulnerable to malware when, in fact, that was an illusion resulting from lack of interest (on the part of malware authors) in writing Mac malware when they could harm so many more people by writing malware for Windows. Even in its ’80s heyday, no more than 13% of all business users (and even fewer home users) ever used the Mac; and it’s far less than that now… with Linux users trailing far behind even that.
It stands to reason, then, that the same approximate trend would occur in the world of non-Windows smartphones and tablets/slates. As Android phones begin to dominate, there will, of course, be more malware. We could all have intuited that.
This is interesting news on the heels of this web site’s earlier article about how pretty much all freeware (and even a lot of the commercial) anti-malware for Android smartphones is pretty much worthless.
And this article’s author hit it right on the head, I think: Smartphones and slates/tablets using the Android OS are, I believe, thought of, by most users, as embedded-OS-type devices (like Windows-based terminal machines and the like), and so invulnerable to malware. They could not be more wrong…
…as many of them are now learning the hard way. You’d think that what they learned from owning a Windows machine would have wised them up! Hmm. I guess not.
____________________________________
Gregg L. DesElms
Napa, California USA
gregg at greggdeselms dot com
The conspicuous absence of detailed data on other platforms is suspect.
The definition of malware used by McAfee was not included either
and how a vendor defines it does alter the results significantly.
Android is a large market and the fastest growing currently
and the publication of this report could be effective promotion to
drive some users to acquire McAfee VirusScan Mobile for Android.
And McAfee has contributed heavily to the noise in this sector, with their nearly content-free advertising flyer, which you published here as if it contained facts.
Amazing how many ignoramuses just grab anything that falls into the inbox and republish it as if it were actual information.