Android Malware Volume Jumps 400%

Lookout Mobile Security Protects Android Smartphones

The volume of attacks that target the Android mobile operating system has increased by 400% since the summer of 2010. Also in that timeframe, one in 20 enterprise mobile devices has gone missing.

Those two findings come from the "Mobile Malicious Threats" report released Tuesday by Juniper Networks, which sells networking hardware and security products.

While significant, the four-fold increase in malware targeting Android isn't unexpected. "You don't have to be extraordinarily smart to write mobile malware these days because most devices don't have any security tools to stop the malware," said Dan Hoffman, chief mobile security evangelist at Juniper Networks, in a telephone interview.

Indeed, despite the security threats facing smartphones, few users secure them. On that front, the Juniper report references a 2010 study, released by SANS, which found that only 15% of smartphone users were employing antivirus on their phones.

Are businesses moving quickly enough when it comes to addressing mobile security? Market researcher Infonetics Research predicts that the market for client security software running on mobile devices--not including embedded security or cloud services--will grow from about $345 million in 2010 to $1.85 billion in 2015. Today, enterprise users account for more than half of the market, but interestingly, the firm expects that consumers will account for more than 50% of the market by 2010.

For the moment, however, expect slow, mostly reactive uptake of mobile security tools by businesses or consumers. "We're at the very beginning stages here," said Jeff Wilson, principal analyst for security at Infonetics, in an email interview. For example, over the past year, large security firms have been acquiring smaller vendors to boost their mobile security portfolios. "Juniper bought Smobile, which is a major piece of their Pulse client. Symantec bought GuardianEdge, and parts of the Verisign acquisition aid their mobile security offering. McAfee bought TenCube and Trust Digital," said Wilson.

Businesses are also still coming up to speed. "In 2010, most mainstream companies [were] still trying to get a handle on the size/scope of the problem, figuring out how many corporate-owned mobile devices are on the network, and then how many user devices are being connected with (or without) IT knowledge, so that they can start the process of developing policies, and then eventually acquiring the tools they need to address security issues," said Wilson.

But one big mobile security outbreak could change all of that. "As with all security issues, one serious threat event on the mobile side that broadly effects enterprise users, and we'll see a massive spike in investment in security tools," he said.

In the meantime, watch where you procure mobile device applications, and especially beware third-party application stores, for example in China, where access to the official Android Market remains blocked. In particular, criminals often hide malware in clones of well-known applications, and especially games.

According to the Juniper study, 17% of all reported smartphone infections "were due to SMS Trojans that sent SMS messages to premium-rate numbers, often at irretrievable cost to the user or enterprise." Security experts say such premium-rate telephone and SMS attacks largely target people in China and Russia, where it's relatively easy for criminals to register a premium-rate telephone number but hide their identity.

But official application stores also aren't immune to such spyware. For example, on Wednesday, Google removed multiple applications from its official Android Market application store that contained malware. Google's move came after AegisLab, a security firm based in Taiwan, released a security alert warning that applications including iCartoon, LoveBaby, and 3D Cube Horror Terrible--all published by "zsone"--contained code designed to quietly send SMS messages to premium telephone numbers in China, resulting in either a one-time charge or an ongoing subscription.