Skip to main content

79% of Mobile Malware Targets Android

Android is the most popular mobile operating system on the market, but uneasy lies the head that wears a crown: Malicious hackers have designed 79 percent of all mobile malware to target Android systems.

The information comes by way of a report from the U.S. Department of Homeland Security in cooperation with the U.S. Department of Justice. The two agencies worked together to gauge mobile threats that Americans faced in 2012 and discovered that malware overwhelmingly targets Android over other systems.

MORE: 5 Free PC Maintenance Programs Worth Downloading

Surprisingly, the second-most-targeted system was not iOS, but Symbian, Nokia's quirky operating system that's been losing steam at a rapid pace. Nokia has adopted the Windows Phone OS preferentially, which means that few new phones run Symbian. 19 percent of malware went after Symbian systems.

iOS and "Others" tied at 0.7 percent of targeted malware, while Windows Mobile and BlackBerry tied at 0.3 percent.

How vulnerable is your phone?

Keep in mind that these numbers do not necessarily reflect how "safe" any given system is. The amount of malware that targets a given system is not necessarily indicative of how many users actually download and run that malware. Additionally, one very harmful piece of software could prove far more dangerous than thousands of easy-to-avoid or seldom-seen programs.

Still, Android's 79 percent of malware is more than four times higher than its next-highest competitor's share. Given how many people use Android phones, this could be a particularly volatile mix of malicious software and a user base bound to encounter it at some point.

The report found that threats come in three primary flavors: SMS (text message) Trojans, rootkits and fake Google Play domains.

SMS Trojans make up almost half of the attacks on Android systems, and they can wring a lot of money out of infected users. By hijacking a user's phone number, criminals can send text messages to expensive, premium-rate numbers. The report recommends installing an Android security suite, which can block this kind of invasive behavior.

MORE: A Smartphone Kill Switch Won't Stop Smartphone Theft

Rootkits are another type of malware that can log a user's keystrokes, thus giving remote malefactors access to passwords, financial information and whatever else a user types into his or her phone. A program called Carrier IQ Test can ferret out rootkits.

Finally, fake Google Play domains are what they sound like: sites designed to look just like the official Google Play store but that distribute software that can steal user information, hijack devices or just fill the Android OS with incessant ads. Avoid this by searching for apps within the official Google Play store, and use a mobile anti-virus suite if you get burned.

How to stay safe

If you have an Android device and want to hurl it directly into the ocean after reading the report, don't be too hasty: The reason why the vast majority of compromised Android devices get infected is because they were not running the latest version of the Android OS.

Jelly Bean, the latest version of Android, has been out for over a year and prevents most of the flaws that threaten Android users. Even its predecessor, Ice Cream Sandwich, which came out in 2011, renders a huge chunk of Android malware inert.

Staying up-to-date on an Android phone is not as easy as it should be, though. Many carriers provide infrequent system updates during a phone's first two years on the market, and nothing at all after that. In fact, some phones have a life cycle of only 18 months (even though a standard contract is two years). This means that Android users will have to take some proactive steps to stay safe.

If you have an Android device, make no mistake: People with ill intent are out to hack it. However, keeping your device up-to-date, installing a security program and using common sense will keep the vast majority of Android malware at bay.

Follow Marshall Honorof @marshallhonorof. Follow us @tomsguide, on Facebook and on Google+.