Android malware cases to hit 1 million in 2013

Trend Micro report contains information based on threat data aggregated by the company

The number of distinct Android malware specimens detected will reach 1 million this year, predicts Trend Micro in its annual security roundup report, noting that the surge in Android malware has grown at a faster clip in three years than was seen in PC-based malware in its first 14 years.

"Last year we predicted the amount of Android malware to be at 125,000 and it actually ended up at 350,000," says Raimund Genes, CTO at Trend Micro, discussing the "Evolved Threats in a 'Post-PC' World" report that Trend released today. "Now we're predicting an additional 650,000 new pieces this year."

Considering it all in an historic context, Genes notes that the first Microsoft-based PC viruses were mainly "just to make fun of Microsoft," as a prank, joke or protest. The growth in the vicious form of cybercrime exploiting PCs for economic gain came much later. But Android malware from the beginning has been brazenly exploitative, such as sending spammy SMS messages to smartphones that incur costs to victims.

However, so far Android malware is not widely used in targeted attacks that are often intended to steal sensitive data, which are still mostly aimed at PCs, Genes points out, "But that could change."

[MORE: Security Holy Grail anyone?

RELATED: Are federal agency workers going rogue with personal devices?]

The Trend Micro report contains information based on threat data aggregated by Trend through analysis aggregated through its Cloud-based sensors and customer network activity, among other sources. With much malware originating from websites these days, Trend says its analysis shows the top regional source of malicious URLs is the US at 23 per cent. But 56 per cent of malicious URLs have to be classified as "unknown" in terms of country. That's because the attackers setting up these malicious URLs are getting better at hiding their traces, Gene sayss.

Trend Micro also kept a running tab in 2012 of the social-engineering keywords used by attackers to reel in victims of their malware one way or another during 2012. In the early part of 2012, the phrases "law enforcement," "tax season," "London 2012 Olympics" and "Tibet," were most used to try and trick someone into downloading malware or opening malware-laden attachments, while in the second half of last year "iPhone 5," "World of Warcraft," "Christmas," and "Thanksgiving" were the top keyword lures.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail:

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags Android malware; Trend Micro; mobile; malwareMicrosofttrend microsecuritymobileanti-malwaremalware

More about IDGMicrosoftTrend Micro Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts