For those with Android devices, the threat of malware is very real. While it's true that other mobile devices like those produced by Apple are not immune to malware, it's a fact that the vast majority of mobile malware hits Android devices – 97% of it, in fact. The picture this paints is of Android devices being overrun with malicious strains, and their users being constantly under attack. As Forbes pointed out, this is a somewhat unfair characterization, since that 97% figure is largely accounted for by "small, unregulated third party app stores predominantly in the Middle East and Asia." Still, the issue of Android malware is very real – and it's something that only appears to be getting worse.
440K+ new Android strains on the scene
Recently, one project examined the emergence of new Android malware strains in the first quarter of 2015. What they found was more than 440,000 new strains that emerged onto the scene in the first quarter. While this number represents a boost of 6.4 percent from the previous quarter in terms of emergent threats, SC Magazine pointed out that the figure itself isn't really shocking, considering the sheer amount of time people spend on their Android devices – not to mention the privileged personal data with which they entrust them. Back in 2011, TrendLabs from Trend Micro reported that there were 3.5 new Android malware threats being created every second. Back then, data stealers, premium service abusers and click fraudsters were among the most popular Android attack types leveraged by hackers.
But as user applications for Android devices have evolved, so too have the intrusion types deployed by cyber criminals. These days, users aren't just leveraging their Android devices for social networking and retail-based purchases. They're also using them for more private functions like banking, which can create a repository of breachable data for the savvy hacker if the user isn't careful. As Android threats continue to gain steam, here are two of the biggest types of attacks that users need to be aware of:
- Banking-based intrusions: In an interview with SC Magazine, Andy Hayter pointed out that with the rise in mobile banking among users, this practice has caught the attention of cybercriminals. When an Android user logs into his or her smartphone to participate in mobile banking, he or she is engaging in a practice that is relatively new, and therefore inherently vulnerable.
"Mobile banking has become a very profitable target of opportunity," Hayter said. "With mobile banking applications being new, bad guys are taking advantage, and targeting these apps since the majority of those using them are unaware that you should protect your mobile device from malware."
These banking-based Android malware strains can come in many different forms, but they are united by a mounting sophistication in design among the criminals who create them. Consider, for instance, a banking Trojan detected and reported on by threat post back in February. This malicious strain was built to intercept SMS messages, and in doing this compile privileged user banking data. Thanks to the strength of its design, the Trojan is able to pick up on certain indications within in-transit SMS messages that point to the message being about banking data. Once it's honed in on and intercepted a potentially data-revealing SMS message, the malware is programmed to email that message to itself.
Another way hackers will attempt to steal Android-based banking data is by developing malicious apps that unsuspecting users upload to their devices. One such example of this is a malicious strain called Trojan.Spy.FakeBank.ir., which was reported on in March. This threat dressed itself up as a banking app which, once uploaded to a targeted user's phone, imitates legitimate banks with the goal of swiping user data and sending it to the malicious actors behind it. While this malware was an Iran-based strain, it's the type of thing that could have the potential to spread across broader areas.
- Invisible attacks leading to targeted intrusions: You're on your Android device, but unbeknownst to you, you're not the only one on it. This is the scary situation Android users face who are hit by background-based mobile malware, which, according to Security Intelligence, is increasingly common in 2015. This is the kind of malware that won't do anything to disrupt your Android experience. In fact, you won't even sense its presence on your phone – which, as it turns out, is a more effective hacking method.
By launching covert targeted attacks that enable them to hide in the shadows, cyber criminals are able to infiltrate targets and then plan highly focused – and therefore more damaging – attacks. When a strain of malware is active on your Android device without your knowledge, it has the potential to compile your privileged data over an extended period. This data can then be harnessed by cyber criminals to create a highly individualized attack whose closely targeted nature can lead to much deeper consequences than the typical mobile malware attack.
The need for Android security
As current trends indicate, the proliferation of Android malware is going to be a continued problem, and one that Android users need to confront. For users without a strong security solution in place, the odds of getting attacked can be very high. And as hackers develop newer and more sophisticated means of waging intrusions, old methods of protection will no longer cut it. For this reason, Android users need a security solution that's tailored not just to protecting against the threats of today, but of tomorrow as well. This means an Android security package that's designed to provide continuous protection. When looking for such a package, make sure to find a solution that offers:
- Malware blocker: With the sheer amount of Android malware out there, you'll want to ensure that the security package you select has industry-leading malware blocking, since it's mobile malware that slips through the cracks that can cause major damage.
- App virus scanner: When it comes to defending against malware with a security solution, you need to make sure that you're entirely guarded – and a malware blocker alone won't prevent that. You'll also want to ensure that your antivirus software comes with an app virus scanner, which works to comprehensively review your downloaded and installed apps to guarantee that there's no intrusive element present on your system that could be stealing your privileged data as you carry out daily smartphone computing tasks.
- Malicious website blocker: For the typical Android user, all it can take is landing on one malware-laden website to trigger the unleashing of a malicious strain that could leave your device – and personal information – compromised. To keep this kind of threat at bay, look to install Android protection that comes with malicious website blocking technology. This tool is always on the defensive, identifying malicious sites before it's too late.
- Social network protection: There are many tasks for which people use their Android devices, but social networking is a key one. With people clocking in many hours a week on Android-based social networking apps and websites, malicious actors are aware of this and look for ways to exploit it. Social network-based attacks, therefore, are gaining momentum, and unsuspecting users can find themselves facing an intrusion simply by accessing their various social media platforms. But when your Android security protection includes social networking privacy tools such as Facebook scanning, you won't have to worry about the proliferation of social network-based intrusions.
- System optimization features: A truly first-rate Android protection package won't only work to defend against outside threats – it will also function to optimize your device's performance. When evaluating Android protection packages, look for performance-boosting features like smart power saver, battery optimizer, and memory status resources.
It's not just individual users who need to pursue Android security – it's businesses as well. With the increase in company BYOD policies, businesses are operating with an influx of employee Android devices accessing their network. As Trend Micro data points out, 82% of businesses currently allow employee personal devices for work-related functions. While BYOD has the potential to drive up productivity, it also opens up the door to vulnerabilities, and it's the enterprise's responsibility to keep threats at bay.
Otherwise, all it takes is a single vulnerability on one employee's Android device to trigger a domino effect that could leave the whole business exposed to intruders. Because just as BYOD is big business, so too is Android malware.
"It all goes back to monetization, what's the endgame?" Kevin Mahaffey said. "While [mobile malware] can be complicated it can generate a huge amount of money. The bad guys aren't stupid and they wouldn't do this if they weren't making money."
Individuals and organizations that leave their Android devices vulnerable are providing potential attackers with a revenue stream. And as recent malware strains have shown, hackers are working hard to develop and refine the most formidable malicious strains they can in order to breach Android devices. But by selecting a robust defensive tool, individual users and businesses with Android devices can take a key step toward keeping malicious elements out.