According to McAfee the number of malicious Android apps surged from the hundreds to the thousands in the first quarter of 2012, compared to the same period last year.
In “McAfee Threats Report: First Quarter 2012″ the company reported that the number of mobile threats on Android reached 7,000 samples, while Symbian, Java ME (mobile edition), and “others” combined reached only 1,000.
Adam Wosotowsky, messaging data architect at McAfee Labs, attributed at least half of the newly detected malware to McAfee’s better detection methods, such as identifying more third party app stores and improving its scanning technology. Even taking this into consideration, he estimates Android malware has “definitely more than doubled” since the same time last year.
Not the “Year of Android Malware” Yet…
The figures are alarming, but it’s still fairly easy to keep your Android devices clean of malware. For starters, steer clear of third-party app stores (outside Google Play or Amazon App Store for Android). Unlike in the PC environment where worms can spread without any user involvement, mobile infections still rely on users installing malicious apps. Most Android malware still originates from and targets users in China and Russia, and gets distributed through non-official app stores.
However, attackers are becoming more sophisticated in their methods. In early May, Lookout Mobile Security reported a primitive sort of drive-by download, where attackers used compromised websites to trick Android users into installing the “NotCompatible” Trojan. When a user visited a compromised website, the malicious app would automatically begin downloading. However a user would still be prompted to install the app before it could exploit anything.
McAfee also found “significant amounts” of new adware, which even security-conscious Android owners can catch from official app stores.
Mobile adware refers to code within ad networks that can access more data perform more functions on your device than you’re probably aware of. For example in January, vendors Symantec and Lookout squabbled over the the shade of grey of one particularly aggressive ad network being used to monetize free Android apps. Symantec initially identified it as malware called “Android.Counterclank,” but hours later, Lookout Mobile Security said the SDK in question was really an aggressive ad network called “Apperhand” that placed a search icon on your mobile desktop without your permission, and pushed ads through the notice bar.
Google Play doesn’t block adware (after all it runs one of the most ubiquitous ad networks, AdMob) which can be a bigger problem for Android owners.
Fortunately, many vendors now offer ad network detectors that explain what the ad network dropped in your Angry Birds Lite can do. Check out Lookout Ad Network Detector or TrustGo Ad Detector for such tools.
As far as mobile security suites go, Lookout for Android is PCMag’s Editors’ Choice for Android security, but other high-performing malware detectors include F-Secure Mobile Security 7.6 and McAfee Mobile Security 2.0. All have free versions that include a quick malware scan.