Google's Android OS has enjoyed huge amounts of success. Last week, we reported that the company had activated 200 million Android devices and was activating a further 250,000 every single day. However, it seems that those huge numbers come with another, and this one is a lot more sinister: According to Juniper Networks, Android malware has surged and is up more than 400 percent in the last few months alone.
"What happens when anyone can develop and publish an application to the Android Market?" Juniper Global Threat Center asks. "A 472% increase in Android malware samples since July 2011."
The security company goes on to blame Android's free-for-all nature that allows anyone with a developer account and $25 to post applications. Juniper just reported a 400 percent increase in May of this year when compared to summer 2010, and it looks like things haven't slowed in the slightest, with October and November representing the fastest period for growth in Android malware discovery.
"The Juniper Global Threat Center found that the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform," the security company writes. "The number of malware samples identified in September increased by 28 percent over the number of the known Android malware samples. October showed a 110 percent increase in malware sample collection over the previous month and a striking 171 percent increase from what had been collected up to July 2011."
A huge surge in the volume of malicious content is bad enough, but attackers are also becoming more sophisticated in their methods. Juniper says that in the spring of this year, it began seeing Android malware that was capable of leveraging one of several platform vulnerabilities that allowed an attacker to gain root access on the device. Today, the vast majority of malware released contains this capability because "the vulnerabilities remain prevalent in nearly 90 percent of Android devices being carried around today."
The biggest issue with the Android Market is that the applications aren't vetted before they appear on Google's app store. As Juniper says, anyone with a dev account and $25 can post applications. These apps will then appear on the market with whatever description the developer submitted without ever going through any kind of verification process. The result of this is tons of malicious application, the majority of which Juniper says target personal information (55 percent), with the remainder made up of SMS trojans.
Juniper guesses that the people behind all of this Android malware are the same folks that used to write malicious code for other platforms.
"The Global Threat Center believes it's the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions Windows Mobile. They shifted to Android given it gains significant market share when compared these legacy platforms."