Android malware threat increasing
Smartphones based on the Android mobile OS are facing increasing cybercriminal attacks and more enterprises are becoming exposed to malicious IT threats due to bring-your-own-devices (BYOD), security firm Trend Micro claims.
Mobile devices can expose users’ and organizations’ valuable data to unauthorized people if precautions are not taken, a report by the firm states.
“As Android devices gain in popularity, so does its use by cybercriminals. The Android platform has become a favorite attack target due to its app distribution model, which makes it completely open to all parties. We believe the attack will continue throughout the year,” says Myla Pilao, director of marketing communications at Trend Micro’s TrendLabs.
“In fact, the number of mobile malware detected by Trend Micro has doubled in a span of one month. This goes beyond our initial projections for the month. Two of the most notorious Android malware variants, RuFraud9 and DroidDreamLight10, have caused millions of users a lot of grief from losing data and, at times, money,” Pilao said.
Additional data from Trend Micro reveal a breakdown of the behavior of the top ten malware families. Fake apps are the most dominant at 30%; data stealers follow at 21%; Adware comes in third with 18%; Premium Service Abusers come in at 14%; while Rooter/RAT and Malicious Downloaders come in at 13% and 4%, respectively.
Data loss incidents due to improperly secured personal devices will increase as more devices, which are not fully controlled by IT administrators, store or access corporate data. Lack of any malware-detecting system will be particularly problematic for the APAC region, which seems very open to BYOD, Trend Micro also said.
While most mobile threats come in the form of malicious apps, Trend Micro predicts cybercriminals will go after legitimate apps as well by utilizing vulnerabilities or coding errors that can lead to user data theft or exposure.
Mobile threats generally comprise Trojans and worms, and require user intervention to spread. Some mobile threats involve spyware that can log dialed numbers and record conversations. This exposes employees to invasion of privacy, potential identity theft, and compromised corporate intellectual property. Some mobile threats leverage Bluetooth technology without user intervention.
According to IDC, nearly 1.8 billion mobile phones will be shipped this year, compared to 1.7 billion units in 2011. By the end of 2016, 2.3 billion mobile phones will be shipped to the channel. IDC predicts that Android will remain the most shipped smartphone operating system over the course of the five-year forecast and its share will peak this year.