Chinese Android Malware Mayhem Goes Into Overdrive

Android malware china

Complacent Android users beware: the volume of malware targeting such devices is growing at a terrifyingly exponential rate, rising by 216% or 700% over the last three months, depending on which security company you believe, and it’s all coming from China.

Meanwhile, it’s been separately revealed that as many as 50% of all Android devices are thought to carry unpatched vulnerabilities, leaving them exposed to all manner of potential dangers.

The most recent warning comes from mobile security provider TrustGo, which undertook the monumental task of scanning 175 Android app markets from around the world – a total of more than 1.7 million apps – before rating each one according to the level of risk (risky, malicious or safe) they carry. In addition to this, they also pinpointed which countries had the biggest malware problem, singling out China as Android’s public enemy number one.

Somewhat surprisingly, Google Play only ranks fifth in terms of safety (90 malicious apps were identified). European store Aproov actually came out on top, with Amazon’s store also deemed to be less risky than Google’s.

But it’s in China where the real eye-openers are – with the Anzhi marketplace (enter if you dare…) carrying malware in a stunning 63% of all its apps, closely followed by StarAndroid (53% of all apps infected) and iMobile (50%).

You can see the results in this infographic produced by TrustGo (click to enlarge):

Mobile Mayhem Report 2012

 

But according to the security firm McAfee, the problem could be even worse than what TrustGo assumes. They claim that Android security threats have actually risen by a shocking 700% over the last three months, with around 100,000 new malware samples being discovered every single day. The company said that it was particularly concerned about the rise of so-called Ransomware, a type of malware that holds devices hostage by locking them, or locking access to certain files, until a ransom is paid to unlock it again.

Another worry is the so-called Boxer virus, which hides in popular apps such as fake versions of the Grand Theft Auto game, before collecting money by sending their unfortunate victims a stream of premium rate SMS’s until they can get rid of the malware from their device.

All of these problems are compounded by the fact that as far as manufacturers and carriers are concerned, security simply isn’t their concern. New research by the firm DuoSecurity reveals that at least 50% of all Android devices contain unpatched vulnerabilities, simply because carriers and manufacturers fail to roll out timely updates for their devices. The security result of this is that people who’ve purchased Android devices are being put at risk, because attackers can create malware that targets known vulnerabilities that are now present on millions of devices, safe in the knowledge that no one seems particularly bothered about trying to stop them.

Android users, you have been warned.