Android Becoming Prime Target for Malware Makers

McAfee: Attacks on Android jumped 76% over the past three months, making it the most-assaulted mobile OS during that period.

Attacks on Android by malware writers have jumped 76 percent over the last three months, making it the most assaulted mobile operating system on earth during the period, according to a report by cybersecurity solutions maker McAfee.

While malware targeting Google's mobile operating system increased substantially from the first to the second quarter of this year, the amount of malicious software for Android still lags behind that written for the Symbian OS and Java ME. With Symbian slowly dying out, however, that will no doubt change, as McCafee's numbers suggest.

The rapid rise in Android malware in the second quarter "indicates that the platform could become an increasing target for cybercriminals -- affecting everything from calendar apps, to comedy apps to SMS messages to a fake Angry Birds updates," McAfee said.

McAfee's findings reveal that malware makers are abandoning a sinking ship -- Symbian -- for a more seaworthy vessel -- Android. They no doubt have set their eyes on the mobile transaction market that is expected to grow in the coming months. Much of that growth is expected to be fueled by Google and its controversial "wallet" for Android phones.

Another disturbing development McAfee researchers observed was the increase in attacks on Apple systems. Those attacks most often took the form of fake antivirus offerings. "Apple's OS X has been mostly ignored by malware writers for years, so this represents a significant change of target for cybercriminals," the report said.

McAfee's researchers said they were unsurprised by that development, however. "There are more Mac users than ever before as well as steady business adoption," they reported. "This puts the Apple platforms squarely in the crosshairs of malware authors. It will be interesting to see if this type of malware makes its way to the iPhone and iPad as well. It is probably a case of 'when' rather than 'if.'"

The report also contains a summary of what McAfee considers "cyberwar" attacks during the quarter. They included:

  • A Distributed Denial of Service in March targeting a group of Russian bloggers, including President Dmitry Medvedev, on LiveJournal.
  • A cyberattack on the Norwegian military in March in which 100 senior military personnel received an e-mail with an attachment that appeared to come from another government agency.
  • Temporary shutdown of the Internet connections at the Oakridge National Laboratory in April after a sophisticated cyberattack was discovered being spread through phishing e-mails.
  • A breach in May of South Korea's National Agricultural Cooperative Federation, which delivers supply, processing, marketing and banking services to more than 4,000 branches in the country.

The report also noted that during the first six months of the year, Microsoft products have lost their charm for malware writers while Adobe's offerings continue to gain in popularity. "This trend does not prove that Adobe's technologies are more vulnerable or have more coding bugs than Microsoft's," the report said. "Rather, Adobe is one of the clear leaders in worldwide client applications, and this leadership is what drives malware authors and cybercriminals: They target what is popular and in wide use."

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

Join the CSO newsletter!

Error: Please check your email address.

Tags consumer electronicsMac OSmcafeeGooglesecuritysmartphonesAndroidmalware

More about Adobe SystemsAppleGoogleMacsMcAfee AustraliaMicrosoftSymbian

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John P. Mello Jr.

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place