Saturday, November 19, 2011

Android leads the pack in mobile malware

Mobile devices have been growing at a rapid scale. Out of the various operating systems powering these devices two of the most popular ones are the Google's Android and the Apple's iOS. According to recent Gartner report on growth of mobile devices worldwide, Android OS accounted for 52.5% of smartphone sales to end users in the third quarter of 2011 doubling its market share of 25.3% from the third quarter of 2010. In the same time period Apple iOS based smartphones lost market share from 16.6% to 15%, though Apple shipped 17 million iPhones, an annual increase of 21 percent.

With the explosive growth has come an unwanted rise in mobile malware and Android is topping this. According to Juniper Global Threat Center post, there has been a 472% increase in Android malware samples since July 2011. In their annual Malicious Mobile Threats Report report, Juniper found a 400% increase in Android malware from 2009 to the summer of 2010. A few months back security firm McAfee quarterly report noted similar findings that Android OS-based malware became the most popular target for mobile malware developers.

Not only the attacks have increased but have also gotten sophisticated, by exploiting the OS vulnerability the malware would gain root access and install even more damaging software packages. This way the attacker gains access to any data on the phone including all communications, location, and other personal identifying information. The mobile malware developers are the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions of Windows Mobile.

So the key question is how does Android platform fare in terms of security with Apple iOS? There may not be a platform security issue comparing one to the other. The problem lies in how the application stores are managed for Android and iOS. Apple reviews each application and its code before publishing it to Apple application store, this is missing in Android open application store where attackers can easily sneek in their malicious applications without requiring upfront review. Such applications only get removed after the fact that someone discovered and reported the malicious behavior. By that time the attacker has already benefited from its use.

The app store restrictions on Apple hasn't totally kept the malicious apps out, hacker Charlie Miller discovered a method that exploits a flaw in Apple’s restrictions on code signing on iOS devices and demonstrated this by sneaking in an approved malicious app. Apple though quickly reacted to it by removing the bad application, terminating Miller's developer license and fixing the flaw in a software update.

The Android market does provide some free scanners but have been largely unproven and found unreliable. In a test conducted by the most popular of those is Antivirus Free by Creative Apps with over a million installations but scored a miserable 0% on both the manual and real-time scan, the best one Zoner Antivirus Free scoring a mere 32%.

To get an in-depth technical view into the security approaches of Google's Android and Apple's iOS mobile devices, read the report from earlier this year by security firm Symantec.

No comments:

Post a Comment