Sign in with
Sign up | Sign in

Report: Android Has Become the Ultimate Malware Platform

By - Source: AVG | B 43 comments

Security software company AVG recently released its second quarter threat report. Besides the usual updates on desktop-focused malware, rootkits and malicious websites, AVG has spent time on analyzing the evolving threat landscape for mobile devices.

It is very apparent that mobile devices let hackers bridge the gap from infection to monetization more effectively than on any other device type. Sure, every frequent web user has seen rather silly threats that the PC has been infected by some ominous malware and that only a $29 or $49 payment for a certain software will get rid of the malware. However, compared to mobile threats, this is a rather complex approach and has way too many variables that can affect the outcome.

According to AVG's Q2 Threat report, Android is quickly becoming a popular target for hackers. Their malware, often attached to popular and seemingly non-suspicious applications in slightly altered packages, attack Android's Linux kernel and replace code that enables the hacker to gain full control over a phone. Called DKFBootkits, the goal may not only be to extract private information, but to incur some small charges, for example via SMS, the owner is unlikely to investigate.

AVG notes that "quick-fingered" people may be lured into accepting notifications they may not even understand. "Mobile connected devices are sitting ducks when it comes to this type of crime as they are already linked to a payment method that requires no additional approval or authentication," AVG said. Android is apparently prime target for rooting a mobile device. AVG did not reveal exact numbers of Android's share in the attacks. 

 

Contact Us for News Tips, Corrections and Feedback

Display 43 Comments.
This thread is closed for comments
Top Comments
  • 17 Hide
    house70 , August 6, 2012 4:06 PM
    Typical PEBKAC... or should I say PEBPAC.
    Quit installing pr0n apps and you should be fine.
    If you don't know what a permission is, don't allow it.
    If you don't know what to do with your rooted phone, don't root it. By default Android has all the checkpoints in place (no debugging, no unknown sources, etc), but it allows one to remove them IF they think they know what they're doing.
    Anyone can write apps for Android, just like in desktop world, it's the user responsibility to KNOW what they're downloading and installing on their system.
    If you're not capable to use common sense and a gram of brain power while using your phone, just go back to the walled garden of iOS, let Apple do the thinking for you and don't install anything that doesn't come straight from them. Oh, and don't think of jailbreaking that, either, or you'll end up in the same spot. Of course, you could have achieved the same leaving that Android phone alone instead of screwing with features you don't understand, but again, you can't use common sense....
  • 15 Hide
    antilycus , August 6, 2012 4:02 PM
    $ 35/month unlimited data, voice, text for android (boost mobile, contractless phone using sprint's network)

    $100ish a month for limited data, unlimited voice and text for Apple

    $65 /month saved x 12 months (1 year) = $780 more in my pocket a year than iPhone users....

    I deal with the malware if I ever actually get any.
  • 13 Hide
    mihaimm , August 6, 2012 3:11 PM
    I know I paid about 12$ for SMS I haven't sent... After I re-rooted the device, the problem stopped. So... I'm guessing this is true... sad.
Other Comments
  • 13 Hide
    mihaimm , August 6, 2012 3:11 PM
    I know I paid about 12$ for SMS I haven't sent... After I re-rooted the device, the problem stopped. So... I'm guessing this is true... sad.
  • 4 Hide
    Anonymous , August 6, 2012 3:15 PM
    Nice Headline, becoming a target = Ultimate target? LMOA! REALLY?!?!?! I noticed that they referenced Mobil Devices 99% of the time and mentioned Adroid 1 time. Let me guess, you typed this on a Mac Book Pro.....
  • 12 Hide
    aracheb , August 6, 2012 3:19 PM
    uncle_bobNice Headline, becoming a target = Ultimate target? LMOA! REALLY?!?!?! I noticed that they referenced Mobil Devices 99% of the time and mentioned Adroid 1 time. Let me guess, you typed this on a Mac Book Pro.....

    is gruener, so everything that is bad and is android is the ultimate malicious evil.
    if is bad and is apple, is just a necessary evil.

    This guy should get fired for giving one side history all the time..
  • 0 Hide
    A Bad Day , August 6, 2012 3:19 PM
    One of my friends who had an Android thought that security problems only existed with PCs.

    I pity her.
  • 7 Hide
    schnitter , August 6, 2012 3:28 PM
    This is expected of a rapidly growing platform that is 100% open.
  • 12 Hide
    Anonymous , August 6, 2012 3:32 PM
    The big problem is that their is not enough education with mobile users about the potential for malware to get on these mobile devices. Google and its Android store is more reactive then proactive to malware in apps. I think too that even Apple which touted for years its Mac's were immune are basically doing the same thing to IOS devices.
  • -9 Hide
    Netherscourge , August 6, 2012 3:35 PM
    Microsoft is so happy about this - Windows is now in 2nd place in the Malware-Infected Platform race.
  • 8 Hide
    syrious1 , August 6, 2012 3:40 PM
    NetherscourgeMicrosoft is so happy about this - Windows is now in 2nd place in the Malware-Infected Platform race.


    When did you see a win7/7.5 get infected? I must have missed that.
  • 0 Hide
    Anonymous , August 6, 2012 3:55 PM
    I'm curious because I'm considering switching to the Android plateform, but is the Market (Play) infested or is it primarily when someone install software form other stores ? Are the applications available in the Market checked (I'm guessing to a certain extent) ? I know that the AppStore also has infested apps, but I already know that 'universe', which is securing to me ! ;) 
  • 5 Hide
    pjmelect , August 6, 2012 4:02 PM
    Quote:

    When did you see a win7/7.5 get infected? I must have missed that.


    Unfortunately I see this all the time, although Windows 7 is much less likely to get a virus infection than Windows XP Windows 7 still gets infections particularly with naive users.
  • 15 Hide
    antilycus , August 6, 2012 4:02 PM
    $ 35/month unlimited data, voice, text for android (boost mobile, contractless phone using sprint's network)

    $100ish a month for limited data, unlimited voice and text for Apple

    $65 /month saved x 12 months (1 year) = $780 more in my pocket a year than iPhone users....

    I deal with the malware if I ever actually get any.
  • 17 Hide
    house70 , August 6, 2012 4:06 PM
    Typical PEBKAC... or should I say PEBPAC.
    Quit installing pr0n apps and you should be fine.
    If you don't know what a permission is, don't allow it.
    If you don't know what to do with your rooted phone, don't root it. By default Android has all the checkpoints in place (no debugging, no unknown sources, etc), but it allows one to remove them IF they think they know what they're doing.
    Anyone can write apps for Android, just like in desktop world, it's the user responsibility to KNOW what they're downloading and installing on their system.
    If you're not capable to use common sense and a gram of brain power while using your phone, just go back to the walled garden of iOS, let Apple do the thinking for you and don't install anything that doesn't come straight from them. Oh, and don't think of jailbreaking that, either, or you'll end up in the same spot. Of course, you could have achieved the same leaving that Android phone alone instead of screwing with features you don't understand, but again, you can't use common sense....
  • 1 Hide
    jojesa , August 6, 2012 4:08 PM
    I have 4 android devices at home no malware.
    I have been installing Avast! or F-Secure on family, friends and colleagues and have not found one single piece of malware on android devices yet.

    But in the last 3 months I have removed viruses from 17 Windows PCs (6 Win Vista and 11 Win 7).
    How come Windows is down to #2? I doubt those results.
    What I found is that some unscrupulous companies (e.g. Thumbplay Ringtones, LLC) that sign users to their services just by clicking on some ads or replying to a survey text message.
    This is how they get you
    You receive a text message (SMS) from a number you don’t know, or an ad offering you a very cheap or even ‘free’ ring tone.
    The message or ad doesn’t include the terms or conditions of the offer.
    The message doesn’t mention the cost of the first ring tone or any ongoing costs.
    It is not clear how you can stop receiving ring tones.
    The message does not mention the name of the company offering the ring tone.
    The number you are asked to reply to begins with 19 (these messages are charged at a premium rate).

  • 0 Hide
    scythe944 , August 6, 2012 4:14 PM
    Thank god for avast mobile!
  • 5 Hide
    house70 , August 6, 2012 4:14 PM
    freespeech1981I'm curious because I'm considering switching to the Android plateform, but is the Market (Play) infested or is it primarily when someone install software form other stores ? Are the applications available in the Market checked (I'm guessing to a certain extent) ? I know that the AppStore also has infested apps, but I already know that 'universe', which is securing to me !

    That sense of false security is more dangerous, because people just assume that everything that comes through Apple's pipeline must be safe. Wrong. I'd rather know about the permissions that any app requires before it gets installed and if I see something fishy I don't install it.
    Google Play (former Android Market) has about the same level of safety as any other Marketplace for apps. There is also SlideMe and Amazon Appstore, both pretty safe as well. You can choose to play it safe and keep the phone unrooted, USB debugging disabled and Unknown Sources unchecked for a while (or forever, up to you) until you get more comfortable with the OS.
    Remember, just like that say "guns don't kill people, people kill people", you can apply that to cellphones as well: cellphones don't get infected by themselves, users infect them by their actions.
  • 0 Hide
    wildkitten , August 6, 2012 4:17 PM
    jojesaI have 4 android devices at home no malware.I have been installing Avast! or F-Secure on family, friends and colleagues and have not found one single piece of malware on android devices yet.But in the last 3 months I have removed viruses from 17 Windows PCs (6 Win Vista and 11 Win 7).How come Windows is down to #2? I doubt those results.What I found is that some unscrupulous companies (e.g. Thumbplay Ringtones, LLC) that sign users to their services just by clicking on some ads or replying to a survey text message.This is how they get youYou receive a text message (SMS) from a number you don’t know, or an ad offering you a very cheap or even ‘free’ ring tone. The message or ad doesn’t include the terms or conditions of the offer.The message doesn’t mention the cost of the first ring tone or any ongoing costs.It is not clear how you can stop receiving ring tones.The message does not mention the name of the company offering the ring tone.The number you are asked to reply to begins with 19 (these messages are charged at a premium rate).

    I think the point is that the potential is there for malware writers to make money off this, a lot more money, and because so much can be done that a lot of people won't consider immediately as suspicious activity that there is a bigger threat.

    One thing Linux fans can no longer say is Linux can't get malware.
  • 5 Hide
    tntom , August 6, 2012 4:22 PM
    @ freespeech
    You are correct in that their is malware in Google's Play Store just a little more than Apple's AppStore. If you stick with apps with high downloads, high ratings, good developer app description,good grammar/translation, and an update history, you should have no problem. Leave your Android set to not install non-Play Store apps. And just as on any platform don't install apps of skimpily dressed woman (bait-ware). Most malware comes from downloading from websites outside of the Play Store that offer alternatives of legitimate apps for free.

    Notice AVG said "Their malware, often attached to popular and seemingly non-suspicious applications in slightly altered packages" What is not said is these are usually popular programs that have been hacked, modified and uploaded to sites outside of the Play Store. These alternative stores instruct you to disable 'install software only from Google Play' setting.

    Wolfgang in the past has usually done better reporting than this. But this comes off as fear mongering.
  • 5 Hide
    house70 , August 6, 2012 4:28 PM
    "Android is apparently prime target for rooting a mobile device. "
    What? Sense? Does? That? Make? You talk about rooting achieved via this malware? That would be great, if it were possible, because would eliminate the need for custom recoveries, unlocked bootloaders and rooted ROMs/kernels to achieve that. A simple SMS-based code would be enough, a Nirvana for developers....
    Welcome back, Gruener. Articles where you don't understand what you're talking about are your specialty, indeed. From "becoming a target for hackers" to "ultimate malware platform" was only a step that Gruener could take (it requires us, the readers of the article, a lot more than that, as Android is only mentioned about 3 times and mostly AVG addresses mobile platforms overall).
  • 4 Hide
    kronos_cornelius , August 6, 2012 5:06 PM
    If you stick with reputable markets and don't install apk out from the Internet you should be fine. These things happen because people take the safety components off their phone like "allow installing third party app" and such and then get scared for the consequences.

    If you like to tinker with your phone, have one to play with (root... etc) and have another phone that you use for your personal accounts and payment information. The problem starts when you root your main phone and install apps without concern for what permissions they ask for or where the apps come from.
Display more comments