updated 09:20 pm EDT, Thu May 30, 2013
Trojan horse attacks most likely avenue of infection
Mobile platforms are under increasing attack, according to security researcher Kaspersky Lab. A recently released report indicates that not only has the pacing of attacks quadrupled, but 99.9 percent of new mobile malware discovered in the first quarter of 2013 are Android-specific. The most common attacks are "trojan horse" malware, accounting for 63 percent of all infections.
The security researcher has noted that "over the past few months, Kaspersky Lab has detected over 20,000 new mobile malware modifications. In February, we detected 12,044 mobile malware modifications, and another 9,443 in March. To compare -- a total of 40,059 modifications of malicious programs targeting mobile devices were detected over the whole of 2012."
Android's malware threat has now grown to nearly the level of compromised Windows systems, and taken over entirely from the previous riskiest mobile OS, the now-discontinued Symbian. Other platforms, such as iOS and Windows Phone, remain essentially threat-free. While Google has taken steps to try and make its own Play store more secure, the company freely allows others to build their own app stores, which may inadvertently host more malware-infected apps.
Another issue working against Android security is that most of its uses are on outdated versions of the OS, making exploits easy to distribute. Though Google has improved security in more recent editions of Android, a large majority of users are still on much earlier 2.x and 3.x versions. Fewer than 10 percent of Google devices run the latest 4.x Android version, and it is mostly left up to carriers -- rather than consumers or Google -- to determine if a given device will ever receive security or other updates. Even when updates are made available, it is often weeks or months after the Google release, allowing time for researchers to find and exploit vulnerabilities.
Overall, malicious links accounted for 91 percent of total threats in the Kaspersky report. Top host countries include the US leading the list at 25 percent, Russia at 19 percent, and the Netherlands at 14 percent.