Staggering Increase in Android Malware Variants, Trojan Apps

The number of malicious programs that target Google’s Android mobile platform is growing at an alarming rate, according to data from anti-malware company F-Secure. 

The number of malicious programs that target Google’s Android mobile platform is growing at an alarming rate, according to data from anti-malware company F-Secure. 

In the first quarter of 2012, F-Secure identified 3063 new malicious Android application packages (APKs) and 37 new families of Android-based malware, according to the company’s latest Mobile Threat Report [PDF]. That is compared with 139 new malicious APKs and just 10 new malware families in the same quarter last year. 

“This type of growth really shows how much more the Android OS is being targeted by criminals,” Kaspersky Lab Android security specialist, Tim Armstrong told Threatpost via email. “As people move from traditional computing platforms to more mobile solutions, Android malware will continue to grow exponentially, as it is currently the easiest for malware authors to attack.”

F-Secure said the sharp increase in Android malware is the result of malware authors tweaking trojanized applications to evade anti-virus signature detection, changing up the names of the malicious apps, and slipping trojans into popular applications.

Trojans were the most common type of threat on the Android platform. Fully 84 percent of threats were trojans this quarter.

Android malware isn’t just more common. It’s also more complex than earlier generations of mobile malware, F-Secure reports. F-Secure Labs’ Security Advisor, Sean Sullivan said that malware related crashes and other installation problems are less common. Malware authors are bundling their malware with legitimate applications and creating multi-function malware applications. For example, the ‘RootSmart‘ trojan uses a root exploit to gain elevated privileges and install more applications on a device. It is also equipped with botnet capabilities that allow it to receive commands and, in turn, perform malicious commands like making calls, sending premium SMS messages, and accessing paid content.

F-Secure’s report follows closely on the heels of Juniper Network’s Trusted Mobility Index, which claimed that mobile adoption is outpacing mobile security.

Suggested articles