
Android Malware Growing

Source: Tom's IT Pro

Malicious Android code makes first appearance on comprehensive malware list.

James Alan Miller

James Alan Miller is Managing Editor of Tom's IT Pro. He is a veteran technology journalist with over seventeen years of experience creating and developing magazine and online content. Founding editor of numerous business and enterprise computing sites at the network, James headed up the After Hours section at PC Magazine, as well as hardware and software sections of various Windows publications.

Commtouch, a vendor that specializes in Internet security technology and antivirus solutions, recently highlighted the appearance of three instances of Android-based malware in the August edition of the Extended WildList on its company blog. As the name implies, the WildList—put out by WildList Organization International, a consortium of virus information professionals—is a compendium of computer viruses and malware known to be currently active.

Technically, according to blog post author Robert Sandilands (antivirus director at Commtouch), this is the first time non-PC malware has been included on the list, which is significant. However, as he points out, mobile malware is still a tiny percentage of the total malware in the wild today. For example, only 300 or so instances of Android malware crossed paths with Commtouch over the past year, Sandilands says. That compares with up to 150,000 total pieces of malware it sees daily.

Mobile malware isn't new. It all started years ago, back in the summer of 2004, when a proof-of-concept virus targeting Symbian and Pocket PC devices emerged. Those once-dominant operating systems no longer rule the market, of course. But that only means malware developers are turning their sights on today’s dominant platforms. So now Android and, to a lesser extent, Apple’s iOS are in the malware malcontents’ crosshairs. Also, with smartphones and tablets more powerful and popular than ever, mobile malware is on the rise. G Data Security Lab released a study showing that mobile device Trojans, viruses, exploits, etc. grew by 270% year over year during the first half of 2011.

While iOS is by no means completely immune to malicious coders, IT pros should note that Android is the far more attractive option thanks to the platform’s relative openness and fragmentation. McAfee reports that 60% of all mobile malware it studied in the second quarter of 2011 targeted Android, three times that of Java Micro Edition, the second-place finisher, and far ahead of the Symbian, BlackBerry, MSIL, Python and VBS platforms, which round out the remaining 40%.

"From one perspective I think Apple is doing something right: To be able to publish software for iOS you need to pay a small fee and get a cryptographically secure identity (A Code Signing Certificate). If you abuse the certificate by writing malware the certificate will most likely be revoked implying the loss of the fee and the identity. This raises the barrier for writing malware for iOS," Sandilands notes. "It is not a high barrier but it does imply that Android then becomes the easier target whether it is more secure or not."

This situation will only change when the cost of creating Android malware exceeds that of doing so for iOS. So, until the expense and risk of developing malicious code increases for Google-run smartphones, Sandilands expects we'll see more and more of it.

Tom’s IT Pro asked Commtouch to provide us with some basic tips IT professionals could follow to keep mobile devices and the corporate networks they connect to safe. Ideally, according to Commtouch, they should find a way to implement consistent security settings, application management and monitoring across all the mobile devices used by employees. They can do this through the following steps:

· Security settings: These settings should be detected and configured when mobile devices connect to the company network. They should include encryption settings or the ability to access private email accounts.

· Application management: IT managers should prohibit certain applications or (more likely) enforce the use of mobile antivirus as well as Web security applications so employees are prevented from accessing harmful websites or activating malicious email attachments and applications. Remote-wipe applications might also be required, allowing IT managers to erase the contents of stolen or misplaced devices.

· Monitoring: IT managers will want a centralized monitoring capability that lets them know the status of deployed devices and alerts them when issues arise.

For his part, Sandilands' hope is that the Android ecosystem could become more conducive and friendly to security over the next year. This will mean, however, an increase in awareness and action on the part of not just application developers and mobile device users but even Google itself.