Android Malware Up 427 Percent Since July

Google's Android OS has enjoyed huge amounts of success. Last week, we reported that the company had activated 200 million Android devices and was activating a further 250,000 every single day. However, it seems that those huge numbers come with another, and this one is a lot more sinister: According to Juniper Networks, Android malware has surged and is up more than 400 percent in the last few months alone.

"What happens when anyone can develop and publish an application to the Android Market?" Juniper Global Threat Center asks. "A 472% increase in Android malware samples since July 2011."

The security company goes on to blame Android's free-for-all nature that allows anyone with a developer account and $25 to post applications. Juniper just reported a 400 percent increase in May of this year when compared to summer 2010, and it looks like things haven't slowed in the slightest, with October and November representing the fastest period for growth in Android malware discovery.

"The Juniper Global Threat Center found that the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform," the security company writes. "The number of malware samples identified in September increased by 28 percent over the number of the known Android malware samples. October showed a 110 percent increase in malware sample collection over the previous month and a striking 171 percent increase from what had been collected up to July 2011."

A huge surge in the volume of malicious content is bad enough, but attackers are also becoming more sophisticated in their methods. Juniper says that in the spring of this year, it began seeing Android malware that was capable of leveraging one of several platform vulnerabilities that allowed an attacker to gain root access on the device. Today, the vast majority of malware released contains this capability because "the vulnerabilities remain prevalent in nearly 90 percent of Android devices being carried around today."

The biggest issue with the Android Market is that the applications aren't vetted before they appear on Google's app store. As Juniper says, anyone with a dev account and $25 can post applications. These apps will then appear on the market with whatever description the developer submitted without ever going through any kind of verification process. The result of this is tons of malicious application, the majority of which Juniper says target personal information (55 percent), with the remainder made up of SMS trojans. 

Juniper guesses that the people behind all of this Android malware are the same folks that used to write malicious code for other platforms.

"The Global Threat Center believes it's the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions Windows Mobile. They shifted to Android given it gains significant market share when compared these legacy platforms."

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
Comment from the forums
    Your comment
    Top Comments
  • LuckyDucky7
    That number's kind of useless.

    I mean- a jump of 427% is large, but what was the original sample size?
  • chickenhoagie
    sgtopmobileHELL YESS!!!! TAKE THAT ANDROID iOS will regain its marketshare REALLY soon!!!!!!

    this guys a little weird..
  • razor512
    going from 1 case of malware, to 5 cases is a 500% increase in malware.

    I am assuming 1 case since they failed to include the original sample size.
  • Other Comments
  • sultansulan
    Wp7 has failed............ Start Sue........
  • Anonymous
    Android malware is nothing like Windows malware.

    That virus that looks like Windows Explorer in your browser and then gives you an antivirus warning is about 2-3 years old now. Windows XP/Vista/7 still can't stop it. Antivirus still can't stop it. It's still a "drive by" virus, as you don't have to download and run the attachment to get the virus, you've got it as soon as you visited the site. Noscript is the only effective way to stop it on Windows. I'm sure that virus will still be viable in Windows 8/9/10, clearly that virus writer is a lot smarter than Microsoft and all of the AV companies put together.

    Android malware requires you to review the rights the app is asking for, and then approve it. If you are too dumb to decline a fart soundboard that needs the ability to make phone calls and read your contacts, then you deserve what you are getting. There are still no "drive by" web viruses for Android.
  • LuckyDucky7
    That number's kind of useless.

    I mean- a jump of 427% is large, but what was the original sample size?