Android malware more than doubles in six-month period

Three out of ten users will encounter web-based threat each year
Author:
Publish date:
3_mobile-threat-report-3-in-10small.jpg

Smartphone security firm Lookout has released a report that reveals people with Android devices are two and a half times more likely to encounter web-based threats now than six months ago. Three out of ten of them are likely to encounter a web-based threat each year.

Lookout collected its data through its Mobile Threat network, which aggregates detection results from mobile devices across the world.

The firm speculated: “As mobile devices grow in popularity, so do the incentives for attackers. Mobile malware, for example, is clearly on the rise, as attackers experiment with new business models by targeting mobile phones.

“Mobile payments create an attractive target for attackers, as they allow direct monetization of attacks.

“In addition to financial information, mobile devices store tremendous amounts of personal and commercial data that may attract both targeted and mass-scale attacks.”

The firm points out that there are a number of ways to get users to download malware. Repackaging was one of the examples: “Repackaging is a very common tactic in which a malware writer takes a legitimate application, modifies it to include malicious code, then republishes it to an app market or download site.

"In fact, repackaging was the most prevalent type of social engineering attack used by Android malware writers in the first two quarters of 2011. The types of applications most frequently repackaged with malware include games, utilities, and porn apps. For example, DroidDreamLight was originally found in 20 utility, nine porn and five game apps in the Android Market.

Malvertising is another method – people have become used to downloading apps via adverts in games and applications, and so can easily be pointed to malware instead.

Lookout encourages users to stay safe by only downloading apps from trusted sources as well as, of course, using a mobile security tool.

Related