Trick or treat? Who’s afraid of mobile malware?

While attending the annual Virus Bulletin International Conference earlier this month, I was surprised to hear a security researcher indicate to the attending malware experts that statistically, Android malware is not a significant concern.

 

This presentation really stood out, as the statistics presented were in contrast to the impression I have on the threat posed by malware on mobile platforms. The last few years, there have been a number of professional research papers detailing the increasing threat to the mobile space.  Android devices, according to these papers, have been increasingly targeted. As the popularity of Google’s Android platform has increased, so has the volume of malware targeting its consumers. 

 

McAfee, in its quarterly threat report released this August, reported roughly 17,000 new Android malware samples added to their database, noting that “halfway through 2013, we have already collected almost as many mobile malware samples as in all of 2012.”

 

The computer security firm, Blue Coat, released a mobile malware report in February 2013.  It stated that Android devices offer “a unique case study on the rise of mobile malware. The unregulated app market and diversity of Android-based devices ensures that cybercriminals will find greater success targeting these platforms.” To be fair, it did also suggest that user-behavior alone may be easily exploited.

 

What may be more interesting is that Sophos, in its 2013 Security Threat Report, found Android threat exposure rates exceeding those of PCs in the United States and Australia.

 

Also significant is a report published in July by publicintelligence.net (associated with the United States’ Department of Homeland Security) which indicates that “44 percent of Android users are still using Android versions 2.3.3 through 2.3.7 - known as Gingerbread - which were released in 2011 and have a number of security vulnerabilities that were fixed in later versions.

 

After 15 years spent working in the anti-malware space, I have seen some significant shifts in the threat landscape. When I started, our databases of malware were comparatively very, very small.  We saw one, or two, or three, dramatic threats at a time. In effect, these would sweep the globe, we would clean them up and we would wait for the next one, which might be weeks or months away. We have seen this change into a vast and distributed threat landscape of constant threats and seemingly infinite variants. I acknowledge that today the mobile malware landscape is relatively small when compared against this vast malware landscape of the desktop. I acknowledge the shift to mobile malware has been slower than some imagined it might be. This should not, however, give us the permission to think that the uptick we are seeing now is anything other than the significant shift we have been expecting.  Crime will follow opportunity. Malware will follow technology. Our job is to make the technologies more secure for users where we can.  The rapid adoption of newer and more sophisticated mobile devices by consumers and the marked rate of growth of malware in the mobile space absolutely warrants close monitoring and ongoing research by the computer security community.

 

Of course, Android isn’t the only mobile platform – there are several significant others and these comments apply to mobile technology in general, not to Android specifically.

 

As always, the team looks forward to time spent with the very creative minds that help us keep users safe. The HP ZDI team is excited to attend the PacSec Applied Security Conference in Tokyo, Japan next month, where Google and BlackBerry will join us as sponsors of the Mobile Pwn2Own challenge to demonstrate unpublished mobile 0-day attacks. 

 

Shannon Sabens

HP Security Research

Labels: Malware| mobile| security| ZDI
Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Featured


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.