McAfee Inc. said in a report that Google Inc’s Android software was the absolute platform for hackers aiming mobile devices during the last quarter. According to the digital security company’s third quarter threat reports, the amount of malicious software aiming Android devices bounced to 37% between late June and September. McAfee reported that 2011 is all set to be the busiest year in mobile malware history, followed by a bunch of previous quarter spiking threats against Android.
Android’s popularity among consumers is growing in parallel to its popularity among cyber criminals as hackers go for the largest possible group of victims. The report specified that all new mobile threats identified by McAfee during Q3 were primarily targeted to Android users. Jupiter Networks Inc., the communication equipment maker, identified an exponential increase in Android malware since the last few months. It reported a 72% growth in malicious software samples in July alone and showcased the fastest growth in Android malware discovery in the history of platform to have occurred in October and November.
Juniper’s chief mobile security analyst, Dan Hoffman, explained in an interview with ITbusiness.ca that they are coming across a mix of traditional hacking community working on malware as well as people who are a bit smart and are able to hide some malicious content in an app. Hoffman said that more attack apps appeared in Chinese app stores that distribute Android software. Majority of new threats was discovered in the form of apps on Google’s Android Market disguised as favorable programs that secretly record and transmit a user’s activities when downloaded in hopes of obtaining sensitive financial information.
McAfee is also said to have reported a deeper privacy invasion that is a malware capable of recording and transmitting phone calls. Two examples of the reported malware are Android/NickiSpy.A and Android/GoldenEagle.A. Both of them can record user conversations and forward them to attacker. It’s a very persistent threat since attackers are not sure whether the first call or both calls have the required information, hence these malware remain on the devices without being detected for extensive periods.
Google’s slow and lenient approval process of new Android apps along with the platform’s growing popularity is the reason for this malware increase according to researchers. The process of removing an allegedly malicious app is open to sustained vulnerability since it is reactionary based on user complaints.