Android Under Siege: Malware and aggressive adware spikes 400% over past three months

Targeted attacks, zero day Java and IE exploits also highlighted in Trend Micro’s Security Roundup Report for Q3 2012 

Category:

Marlow, UK – 22nd October, 2012 - Dangerous malware and information harvesting adware targeting Google Android users jumped 483% from nearly 30,000 in June to almost 175,000 in September, according to the latest security report for the third quarter of 2012 released today by Trend Micro. While Apple’s relatively rigorous approach to vetting apps before allowing them on the App Store has minimised security risk, Google’s open platform has become a hotbed of malicious activity.

Fake versions of legitimate Android apps are the most prevalent type of Android malware. Many are designed to steal information, completely take over a user’s smartphone or run up huge bills by contacting premium rate numbers.

Trend Micro also noted a rise in “Aggressive Adware” apps that collect more personal information than the user has authorised, with many disseminated via legitimate ad networks
Though most adware is designed to collect user information, a fine line exists between collecting data for simple advertising use and violating one’s privacy. There’s a responsibility on the developer community to be more transparent about the extent of data gathering that goes on via the in-app libraries provided by ad networks.

"It's no surprise that we see such a huge increase in mobile malware”, said Raimund Genes, CTO at Trend Micro. “Android is the dominant smartphone platform with an amazing success story. The digital underground reads statistics and analysts reports as well, and they figured out way to make money with mobile malware. And unlike your computer, getting information from your phone also reveals your location, the phone numbers you have called – and more – all stuff which could be sold.”

The fact that only 20 percent of Android device owners use a security app does not help. Users need to understand what permissions apps seek, before approving them and unintentionally sharing sensitive information.

Rik Ferguson, Director of Security Research and Communications at Trend Micro added: "This level of criminal interest does not bode well for the future and for the Internet of Things, where Android is still the most likely Operating System to power the multitude of connected devices appearing over the horizon. Active and sustained criminal interest in the Android platform is a reality and looks set to continue for the foreseeable future until some fundamental and necessary changes are made to the infrastructure and some important security lessons are relearned at Operating System level.”

Notable trends in Q3 2012:

 

Supporting assets:

CTO Raimund Genes talks about key highlights of Q3 2012 in this video
Rik Ferguson, director of security research and communications looks at the reality of mobile compromise [video]
Full report download


About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, Trend Micro™ Smart Protection Network™ provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.

All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.

For more information, visit www.trendmicro.com/en_gb/. Or follow our news on Twitter at @TrendMicroUK.