Malware's attraction to the open-source Android operating system is no surprise to anyone following the
space. But now the Department of Homeland Security and the Federal Bureau of Investigation have weighed in, pointing out that Android-targeted malware accounts for an overwhelming 79 percent of the total.
The information comes in an unclassified memo to U.S. police and emergency medical personnel issued by those agencies in July, and published this week by Public Intelligence, a Web site dedicated to releasing governmental information obtained by researchers. The memo points out that 44 percent of Android users are still employing versions 2.3.3 through 2.3.7, which were released two years ago and still have security issues. Those issues were addressed in later versions, and the memo notes that their vulnerabilities make it essential to keep mobile OSes "patched and up to date."
The memo also cites the second-most popular target for malware as being the Symbian OS, at 19 percent as of 2012. While that represents a considerable slice of the malware universe, the good news in terms of reducing malware targets is that Symbian is rapidly disappearing. Earlier this month, for instance, research firm IDC found that Symbian's worldwide market share in the second quarter had dropped to 0.2 percent.
Top Three Threats
Way back in third place among malware, according to the memo, is Apple's iOS at 0.7 percent, followed by Windows Mobile at 0.3 percent, BlackBerry at 0.3 percent and Others combined at 0.7 percent.
The memo also highlights the three most prominent security threats, with descriptions and proposed mitigation strategies. The threats include SMS text messaging Trojans that send "text messages to premium-rate numbers owned by criminal hackers without the user's knowledge," which can result in exorbitant charges. The memo suggests the installation of a paid or free Android security suite to counter this threat.
A second threat specified in the memo is the rootkit, which logs a user's locations, keystrokes or passwords without permission. The agencies recommend installation of a free app, the Carrier IQ Test, which can test and remove the .
The third mentioned threat is "fake Google Play domains," which trick users into downloading and installing malicious applications that then steal financial information and log-in credentials. The memo recommends that only approved applications be installed, that devices' OSes are updated only according to IT department procedures, and that antivirus software for Android devices should be installed and regularly updated.
'Hand in Your Resignation'
Meanwhile, a new report from security firm TrendMicro indicates that the number of malicious or high-risk Android apps has increased by 350,000 in the last six months alone, and, if they continue growing at this rate, the total population could hit more than a million by the end of 2013.
Laura DiDio, an analyst with Information Technology Intelligence Consulting, told us, "If you are an IT manager, and this doesn't make you think twice, it's time to hand in your resignation."
She noted that the percentage of malware targeted at Android, 79 percent, is the same as that platform's percentage of the world market -- 79.3 percent in Q2, according to IDC. The two percentages, DiDio indicated, are obviously related, in that malware creators' interest in a platform is directly proportional to how many users it has.
But obviously this relationship does not hold for Apple's iOS, whose 13.2 percent market share is far greater than this memo's 0.7 percent of malware. The difference, DiDio said, is that "Apple is a 40-year-old company," and has had much more experience dealing with malware than Google has.
She predicted that IT departments would not be inclined to avoid Android devices because of such reports, but that they will continue to "make sure strong security policies and implementation are in effect."