
With the explosive growth has come an unwanted rise in mobile malware and Android is topping this. According to Juniper Global Threat Center post, there has been a 472% increase in Android malware samples since July 2011. In their annual Malicious Mobile Threats Report report, Juniper found a 400% increase in Android malware from 2009 to the summer of 2010. A few months back security firm McAfee quarterly report noted similar findings that Android OS-based malware became the most popular target for mobile malware developers.
Not only the attacks have increased but have also gotten sophisticated, by exploiting the OS vulnerability the malware would gain root access and install even more damaging software packages. This way the attacker gains access to any data on the phone including all communications, location, and other personal identifying information. The mobile malware developers are the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions of Windows Mobile.
So the key question is how does Android platform fare in terms of security with Apple iOS? There may not be a platform security issue comparing one to the other. The problem lies in how the application stores are managed for Android and iOS. Apple reviews each application and its code before publishing it to Apple application store, this is missing in Android open application store where attackers can easily sneek in their malicious applications without requiring upfront review. Such applications only get removed after the fact that someone discovered and reported the malicious behavior. By that time the attacker has already benefited from its use.
The app store restrictions on Apple hasn't totally kept the malicious apps out, hacker Charlie Miller discovered a method that exploits a flaw in Apple’s restrictions on code signing on iOS devices and demonstrated this by sneaking in an approved malicious app. Apple though quickly reacted to it by removing the bad application, terminating Miller's developer license and fixing the flaw in a software update.
The Android market does provide some free scanners but have been largely unproven and found unreliable. In a test conducted by AV-Test.org the most popular of those is Antivirus Free by Creative Apps with over a million installations but scored a miserable 0% on both the manual and real-time scan, the best one Zoner Antivirus Free scoring a mere 32%.
To get an in-depth technical view into the security approaches of Google's Android and Apple's iOS mobile devices, read the report from earlier this year by security firm Symantec.