3 of 10 Android users now face malware attack

Risk of being hacked has more than doubled in the last six months, says a new report

Three out of every 10 Android users now face hacking attempts annually, more than doubling the risk to users of the Google smart-phone software from just six months ago, according to a recent report from Lookout Mobile Security.

Android hacking attempts have increased exponentially within the past six months, the firm reported, as the number of malware applications has also risen from, 80 applications in January to more than 400 in June 2011.

Between a half million to 1 million people were affected by Android malware in the first half of 2011, according to the report.


Related coverage:

Going mobile? The people are already there 

Google alerts infected users that they've been compromised


Case in point: Two days ago, Dinesh Venkatesan of CA Technologies reported a new Android trojan that can steal account passwords and Social Security Numbers by recording phone conversations.

“As it is already widely acknowledged that this year is the year of mobile malware, we advise the smart-phone users to be more logical and exercise the basic security principles while surfing and installing any applications,” said Venkatesan in his post.

Most threats to Android devices are malware and spyware, said the firm. Of the threats Lookout detected in June 2011, 48 percent were malware and 52 percent spyware. The most prevalent type of malware attack in the first half of 2011 was repackaging, whereby a hacker adds malicious code to a legitimate application and then republishes the doctored application to an application market or download site.

“The repackaging technique is highly effective because it is often difficult for users to tell the difference between a legitimate app and its repackaged doppelganger,” said the report.

Repackaging, though, is only one of a variety of ways that hackers are attacking mobile devices, and the variety of ways that they can compromise devices continues to increase. A newer, similar model is the “upgrade attack.”

"We've started to see [attackers] publish a clean app, then wait for a while before offering an update that's infected," said Kevin Mahaffey, co-founder and CTO of San Francisco-based Lookout in a ComputerWorld article Aug. 3.

"Because most people automatically update their apps, there's less time that the malware is on the market before it's installed by a lot of people."

Although many government agencies have begun adopting mobile devices, including the State Department, the General Services Administration and the Department of Defense, they may not be prepared to fight these attacks.

A recent report by the General Accounting Office found the DOD unable to keep pace with cyber threats, reported GCN July 26.

Additionally, “because mobile platforms are new, often introducing new APIs and security models, even skilled developers aren’t always aware of best security practices,” noted the report.

Yet one of the biggest issues is not limited to mobile devices: that is users transmitting sensitive data without proper encryption, noted the report.

About the Author

Kathleen Hickey is a freelance writer for GCN.

Reader Comments

Thu, Aug 4, 2011 earth

The grace period is over. Communications are world wide now and there is a sufficient cohort of people willing to attack and steal from those they don’t know that all connected systems should be designed from the beginning with the assumption that at some point in the lifecycle of the device it will be attacked. This means the default installation should be as closed as possible and the user will have to opt in on any opening of communication exchange (possibly at each initialization of communication). Further that opening should be as incremental as possible, allowing a variety of restrictions such as restricted to known MAC’s, IP’s, subnets, domains, etc. As Android is based on Linux, it can be retrofitted with incoming and outgoing firewalls, packet sniffers, ect. This will take a major overall of its security policy. For instance, allowing the user to open and close capabilities while a program is running instead of a single choice at the initial program load. This will take more effort by the user but will remind them of their own responsibilities.

Thu, Aug 4, 2011

How are you able to protect yopurself from attacks? I am a new android phone user and some guidelines would be most helpful.

Thu, Aug 4, 2011 Android Applications Development www.classicinformatics.com

This is really a disappointing news for Android uses and it will have a very negative impact on Android market.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above