Google's Android is the most heavily targeted mobile operating system by malware since it is an open platform where malicious apps can make easy way to users' devices. A recent report has just underpinned the same, saying that both Android-based and the mobile malware in general are increasing even further.
F-Secure, a cyber security-related company, said in a report, titled the "F-Secure Mobile Threat Report," that in Q2 2012, more than 5,000 pieces of malicious Android software received, which represents a massive 64 percent increase of Android malware during the quarter over Q1 2012. This figure placed Android at the top of the list of the highest targeted mobile platforms at present.
"Every quarter, Android malware continues to grow in number, and Q2 2012 is no exception. We received a total of 5033 malicious Android application package files (APKs), most of which are coming from third-party Android markets," said the report.
"This amount is a 64% increase compared to the number in the previous quarter. Out of this amount, we identified 19 new families and 21 new variants of existing families," the report added.
The F-Secure report also pointed out a new infection method in the second quarter that used Twitter as a bot mechanism. In this method, the malware accesses a Twitter account (possibly set up by the malware itself) to obtain a server address, from which it communicates with and receives further command from.
After receiving instructions, the malware sends out SMS messages to certain numbers, and forwards data on the device's International Mobile Equipment Identity (IMEI) number, phone number and Android ID to the aforesaid server.
Apart from the continuing growth of Android malware and the discovery of new infection methods, the second quarter also revealed a trend in regionally-based attack. In Spain, for instance, there have been a lot of reports on banking-related attacks.
In this kind of attack, the malware appears to be specifically targeting users who perform an online banking transaction and need the Mobile Transaction Authorization Number (mTAN). It arrives as an SMS message, notifying the user to download a security application from the provided link.
The report stated that among all the malware types, SMS-based malware saw faster growth rate thanks to the increased profits that result from it. According to the report, the first "drive-by attack" on Android was in the form of a website that would automatically download a malicious application on the user's device and convince them to install it.
However, as Redmond Pie noted, the vast majority of Android malware was found on third-party app distribution markets. Given that, if a user stick to Google Play and don't download apps from unofficial sources, there're less chances of getting infected by any malware.
Check out the statistics below:
Android Malware Increase By 64% Since Q1 2012, SMS-Based Trojans See Faster Growth: Report. Source: F-Secure