Android a favourite with cyber criminals

Android is the most popular platform for malicious programmers.

This is according to Kaspersky Lab, which says the amount of Android malware has even overtaken “generic” Java malware. “In September 2011 alone, the number of newly discovered malware for Android-based devices increased by more than 30%,” says Kaspersky. It adds that the share of Android-based malicious programs among all mobile malware is more than 46%, and “growing rapidly”.

The company says Antammi.b is an example of one such mobile app that was distributed through the official Android store. It notes that the application was removed after Kaspersky sent out a notification. Kaspersky says Antammi.b, disguised as an app for downloading ringtones, “steals almost everything, from contacts, texts, GPS co-ordinates and even photos. The activity log is then sent to the criminal behind the scam via a simple e-mail message, and the data is uploaded to a server,” the company says.

According to Kaspersky, the relationship between cyber criminals and the Android platform is not surprising, given the platform's “leading market share, flexibility and openness”. However, it adds that there is a lack of control over the distribution of Android software.

Kaspersky cautions that malicious mobile apps are increasingly targeting users' personal data. “The share of particularly Android-malicious apps trying to steal personal data went up to 34%,” it adds. The company says this is alarming because these malicious mobile programs sometimes show up on Android Market.

Steven Ambrose, MD of Strategy Worx, says cyber criminals are attracted to Android because of the platform's growing popularity. “The creators of malicious programs will always go where the market goes; and Android is where the activity is,” he says.

According to Ambrose, the high prevalence of Android-based malware will have little effect on the platform in the short term. However, he argues that in the medium to long term, “Google and its Android platform will become hardened to the threats”. He adds that more security will be built into the Android operating system as well as on the application level.