Malware writers gunning for Google Android
- — 11 May, 2011 04:43
Symbian and Microsoft Windows Mobile platforms have been the proving ground for mobile malware over the past five years, but a new Juniper Networks report states that Google Android now takes "the crown" as the platform getting the most attention from malware developers.
"That's where the momentum is for 2011," says Dan Hoffman, chief mobile security evangelist at Juniper, whose "Mobile Devices: The New Frontier for Malicious Exploits" report examines the deterioration in mobile security. Juniper urges enterprises to adopt the same security controls for smartphones as they would for laptops.
"Consumers can expect to see more advanced malware attacks against the Android platform," according to the report. These attacks include "command and control zombies and botnet participators, devices that are remotely controlled to execute malicious attacks."
As for Android, in January 2010 the first bank phishing application appeared in the Android Market. Another Android-related incident came about in which "mobile service provider Vodafone was unknowingly shipping devices from its mobile handset manufacturer with Secure Digital (SD) cards pre-loaded with the Marisposa botnet that affected Windows systems. When a user unpacked their new device and connected it via USB cable to their Windows-based PC -- to transfer files or synchronize the device -- the SD card's autorun function would initiate and infect the user's computer with the botnet."
The Juniper report recaps other mobile malware shockers, such as the Android Market's DroidDream infiltration earlier this year and other problems from last year when applications capable of malicious activity were identified that had found their way into the Android Market.
In contrast, "the Apple iPhone suffers from relatively little known malware, although applications exist to obtain user data and clandestinely transmit this information outside of the device," according to the Juniper report, which points to research done at the Technical University of Vienna and the University of California, Santa Barbara, that analyzed 1,400 iPhone and iPad applications.
The results of that study showed "nearly half of the analyzed applications leaked various forms of sensitive data to third parties. In most cases, application developers used pre-packaged code purchased from advertising agencies, originally intended to collect device information that could be used to build advertising profiles of the device user."
The report also draws from the general experiences last year of Juniper's own customer base using the Junos Pulse Mobile Security Suite software on smartphones. "Spyware capable of monitoring any and all forms of communication to and from a mobile device accounted for 61% of all reported Juniper mobile customer infections," the report states. For those using Android, it was 100% of all reported infections.
Juniper also notes that it found one-third of registered software users lost their device at some point and were forced to use the Junos Pulse software "locate device" capability, with 77% of these users then deciding to send a command to lock the device to stop someone using it. About a third never issued an unlock command, which brings Juniper to believe these devices were never found.
Read more about wide area network in Network World's Wide Area Network section.