Ever since the Google launched its mobile OS Android, it became a favorite eye candy, not only for the mobile users but for the hackers as well. Right from the debut beta version to the Android 4.0.x Ice Cream Sandwich, there is not a single version that could escape hackers. So far, the count of Android malware has exploded up to 25,000 samples.
This is a real concern as the number has doubled up in just a month, which clearly shows the fast-paced threat for the Android users. If we talk about the month of June only, 5,000 new malicious Android apps were found in the first quarter, while 15,000 were found so far in Q2 2012.
Ironically, the cybercriminals are using the Google Play store, which is the official Android app store, to target users. The store apps are acting as host to infected apps, with more and more fake versions of popular apps surfacing up. Some of these include Skype, Instagram, Angry Birds Space, Farm Frenzy. These apps are used to send messages to premium numbers at the users’ cost, putting their personal and financial information at the risk of theft. A recent study conducted by Trend Micro has classified the Android malware into seven categories, namely Premium service abuser, Adware, Data stealer, Malicious downloader, Rooter, Click Fraudster, and Spying tool.
While cybercriminals will never take break from their activities, what’s quite appalling is that only one out of five Android devices have a security app installed, putting user information data and financial information at risk.
Despite so many warnings from the analysts and the OS developers, users are not able to understand the real risk behind the malware attack. We have been watching fake Android game apps, devilish root kits, and the worst in the form of spam emails. All these are clear indicators that it’s time to take the mobile security more seriously. We use our mobile devices all the time, which means any intrusion may risk our crucial information, leaving it in unwanted hands.
It’s not that Google is not working to sort out the issues, or at least cope with them. To ensure timely and comprehensive detection of threats, Google’s Safe Browsing Team has scaled up its efforts. They are investing significantly in the safe browsing efforts to help users safeguard themselves. Some of the recent efforts include instantaneous phishing detection and download protection within the Chrome browser, Chrome extension malware scanning, and Android application protection.
Google has also beefed up the latest Android version- Jelly Bean 4.1 with security tools, with aim to defend against hacks that install viruses and other malware on mobile devices using the system. Reportedly, the Jelly Bean 4.1 comes with features to divert hackers from installing malware that leads to information leakage, buffer overflows, and memory vulnerabilities. While this is a good thing coming from Google, I would again stress users to take their mobile security seriously.