Android users are prime target for malware

A new report finds malware threats are at a four-year high, and mobile platforms in particular are a hot target--especially Android.

A new report summarizing the malware and cybersecurity trends for the second quarter of 2012 has been released. The report found the biggest spike in malware samples detected in four years, and illustrates the growing threat faced by mobile devices, particularly Android mobile devices.

There isn't necessarily anything Earth-shattering in the quarterly report. The fact that it's essentially more of the same, with slight variations on themes from previous quarterly reports, however, should be cause enough for concern. The bottom-line message is that malicious attacks are a serious threat, and they're not going away any time soon.

How It Spreads

Malicious websites are a popular method for getting malware out there. An average of 2.7 million malicious URLs were detected each month, pointing to approximately 300,000 bad domains. That works out to about 10,000 new malicious domains being created every day with the express purpose of hosting malware and hijacking unprotected PCs or mobile devices.

Another method of propagating malware is through infected USB thumb drives. Attackers put malicious code in AutoRun files that execute automatically when the thumb drive is inserted into a PC. The malware can then compromise the PC and seek out other connected drives to infect, so that it continues spreading to new PCs.

Return of Botnets

Botnets have been an ongoing threat for years. Thanks to the efforts of security researchers, and major players such as Microsoft, some of the most dangerous and prolific botnets have been crippled or taken offline entirely.

According to the latest quarterly report, though, the victories are apparently short-lived. Botnet activity is at a 12-month high, and the attackers are continuing to evolve clever new ways of managing and controlling the massive armies of compromised computers. Researchers have found that Twitter is now being used by some botnets to issue commands to infected systems.

The Mobile Frontier

The biggest story in malware right now is mobile malware. The shift from traditional mobile phones that simply made phone calls to smartphones containing gigabytes of data has made the pocket-sized computers a prime target for attackers.

Most people are conditioned at this point to run antimalware or other security software on their PCs, and they've been trained with the common sense to recognize and avoid many types of attacks. However, that security mindset hasn't yet transferred over to smartphones and tablets, so many people lack adequate protection on their mobile devices.

The fact that many companies are embracing BYOD (bring your own device) and allowing employees to use their own personal mobile devices to connect to network resources and company data raises the stakes and makes mobile devices an even greater risk in many cases.

Android smartphones and tablets are the hottest targets. Virtually all mobile malware samples detected are intended for Android, ranging from malware that sends out SMS messages or fraudulent SMS payments to mobile botnets, spyware, and Trojans that can capture or destroy data from Android devices.

Apple's iOS is more locked down by nature, and the apps have to be approved by Apple to get into the app store. With Android, though, the platform is more open by design, and users are free to get apps from a wide variety of sources outside of the official Google Play store. Android apps are typically not reviewed or vetted in any way, making it easier for attackers to plant apps containing malware.

The report illustrates very clearly that users still need to be on guard against new threats. More importantly, it demonstrates why antimalware protection on the PC alone isn't enough. You need to have the same, solid protection for all of your PCs and mobile devices.
