Most Android threats would be blocked if phones ran latest Android version, report says

Android 4.2 contains protection against premium rate SMS apps, but has a very low distribution rate, Juniper researchers say

Over three quarters of Android threats are malicious apps that send SMS messages to premium rate numbers and could be mitigated by a protection feature present in Android 4.2, according to researchers from networking vendor Juniper Networks.

However, because manufacturers and carriers fail to update Android end user devices in a timely fashion, only 4 percent of devices currently run Android 4.2, even though this version was released more than six months ago.

From March 2012 to March 2013 the number of mobile threats grew by 614 percent to reach a total of 276,259 malicious samples, researchers from Juniper Networks' Mobile Threat Center (MTC) said in a report released Wednesday. Of those malicious applications, 92 percent target the Android operating system, they said.

The surge of Android malware in the past two years is consistent with the findings of other security vendors that track mobile threats. This growth is primarily driven by Android's "commanding share" of the global smartphone market, the Juniper researchers said.

The majority of Android malware, 77 percent, are apps that earn money for their creators by either requiring users to send SMS messages to premium rate numbers or by surreptitiously sending such messages on their own. These threats usually masquerade as legitimate applications or come bundled in pirated apps.

The Juniper researchers estimate that every successful attack using such an app can bring an immediate profit of US$10 for the attacker on average.

Android 4.2 introduced a feature that detects attempts to send SMS messages to special rate numbers, also known as short codes, and prompts users for confirmation. Unfortunately, due to the Android market fragmentation, only 4 percent of Android devices are currently running Android 4.2.x.

This estimation is based on data collected from Google Play over a 14-day period ending on May 1, 2013, the Juniper researchers said. Based on the same data, the most common versions of Android found on devices are Android 2.3.3 to 2.3.7, also known as "Gingerbread," with a 36.4 percent coverage and Android 4.0.3 and 4.0.4, also known as "Ice Cream Sandwich," with 25.5 percent.

The lack of regular updates for Android devices contributes to the growth of Android malware, because the latest protections added by Google to the operating systems reach users too late or never, the researchers said.

The second most common type of Android threats are spyware applications that capture and transfer sensitive user data to attackers. These account for 19 percent of all malicious samples collected by Juniper's MTC.

Some information-stealing Android Trojan apps discovered during the past year and distributed through drive-by downloads or phishing emails could also pose a threat to enterprise environments, the Juniper researchers said. Data collected from enterprise mobile devices running Juniper's Junos Pulse endpoint collaboration and security software showed at least one infection on 3.1 percent of such devices.

While that figure is not large enough to raise a significant alarm, it is proof that the threat of mobile malware to corporate devices is not only theoretical, the Juniper researchers said. "We expect the presence of mobile malware in the enterprise to grow exponentially in the coming years."

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags mobilemalwaremobile securitymobile applicationsscamsspywarejuniper networksAndroid OS

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?