Report: Android malware doubled in 2012, infecting 33M devices

Tools

Malware attacks on devices running Google's (NASDAQ:GOOG) open-source Android mobile operating system more than doubled in 2012, security solutions firm NQ Mobile reports.

NQ Mobile - Malware by Year

NQ Mobile saw a year-over-year increase of malware of 163 percent.

NQ Mobile discovered 65,227 new pieces of mobile malware in 2012 compared to 24,794 in 2011, a year-over-year increase of 163 percent. Among all new malware discovered last year, 94.8 percent of threats were designed to attack Android, compared to just 4 percent targeting rival open-source platform Symbian. In all, more than 32.8 million Android devices were infected in 2012, up from 10.8 million in 2011, representing an increase of more than 200 percent.

Chinese devices accounted for 25.5 percent of infected Android devices, followed by India (19.4 percent), Russia (17.9 percent), the United States (9.8 percent) and Saudi Arabia (9.6 percent). Fifty-three percent of U.S. Android owners have installed a mobile security app on their device, NQ Mobile adds.

Sixty-five percent of mobile malware discovered in 2012 falls into the category of Potentially Unwanted Programs--e.g., root exploits, spyware, pervasive adware and Trojans (surveillance hacks). Twenty-eight percent was designed to collect and profit from a user's personal data, and 7 percent was built to prevent the user's device from functioning properly.

The primary methods for delivering malware in 2012 included App Repackaging (adding lines of malicious code into a legitimate app and reloading it onto a third-party marketplace), Smishing (asking consumers to click on a fraudulent link, triggering a malicious app download or directing their browser to a rogue website) and Malicious URLs (redirecting the browser from genuine websites to clone sites intended to collect personal data).

Critics maintain Google has failed to sufficiently police its Google Play digital storefront, making it easy for attackers to distribute malware via Android applications. Google has made strides to reduce Android threats, however: In early 2012, it unveiled Bouncer, which scans Google Play for malicious apps, and its Android 4.2 OS update, a.k.a. Jelly Bean, bakes in application verification tools.

The NQ Mobile report nevertheless paints an even grimmer portrait of Android platform security than a similar study issued last month by digital security firm F-Secure, which found that 79 percent of all malware discovered in 2012 targets Android, up from 66 percent the previous year. The F-Secure report even inspired Apple (NASDAQ:AAPL) Senior President of Worldwide Marketing Phil Schiller to mock Android via Twitter, tweeting "Be safe out there" and linking to the F-Secure study. BlackBerry (NASDAQ:BBRY) CEO Thorsten Heins has also contended rival smartphone manufacturer Samsung Electronics will never be able to offer users top-grade mobile device security because of Android's open-source foundations.

For more:
- read this NQ Mobile report
- read this TechCrunch article

Related articles:
Apple exec Schiller takes shot at Android over malware headaches
F-Secure: Android to blame for 79 percent of all mobile malware in 2012
Android malware surges to new highs in Q3
Google denies Android malware charges, researchers backtrack
Report: Android malware increased 155 percent year-over-year
Report: Android Market plagued by malware threats
Google unveils 'Bouncer' to scan Android Market for malware

Comments