Android malware could reach the 1 million mark by year's end

Android malware could reach the 1 million mark by year's end

Summary: One security firm warns that Android malware could rocket this year and hit the 1 million milestone, as malware writers and hackers continue to target post-PC platforms.

TOPICS: Security, Android

Security firm Trend Micro's predictions for 2013 include one potentially concerning consideration: The post-PC malware threat has truly arrived, and Android will take the brunt of the targeted nasties throughout this year.


According to the security giant and anti-malware maker, 2012 showed that malware writers, spammers, and hackers have begun to capitalize upon the mobile market, with a particularly keen eye for attacking the Android platform. Not only does Google-owned Android have the greatest market share, therefore making it an easier target, it also has a more open platform to work with, compared to Windows Phone or the iOS-based platforms.

Also on the security agenda was the rise of OS X-targeted malware--as we have seen over the past year--but also a rise in Java-based Windows attacks, which toppled over into the new year with even the US government warning users to disable or uninstall the Web plug-in.

Social-media attacks are also on the rise, showing a distinct trend from the traditional target vector of Windows-based PCs to a wide range of platforms, both online and offline.

And in a "blowing-one's-own-trumpet" moment, Trend Micro noted that its previous predictions for 2012 have "come true," the firm said.

A few key takeaways:

  • Trend Micro detected 350,000 threats for Android, with a growth ratio of 14:3 for Android versus PC. In context, it took Android just three years to achieve the PC volume of malware threats within 14 years. By the end of this year, the volume of Android malware could reach as high as the 1 million mark.

Screen Shot 2013-01-23 at 10.29.06
Android threat growth.
(Credit: Trend Micro--PDF)
  • The number of Android malware detections spiked in the third quarter from 41,000 to 156,000 samples, according to the firm's research. 38 percent was adware, 25 percent stole data, while 22 percent included a malicious downloader. Leading the threat type, however, was a premium service abuser at more than 40 percent.

  • Java-based threats helped lead Apple's OS X platform into the crosshairs of malware writers, hackers, and botnet controllers after the first widespread attack against the Mac.

  • Social-media platforms became a greater target for cybercriminals as the security firm warns users to avoid "oversharing" on Facebook, Twitter, Google+, and so on.

  • Enterprises suffered from an "alarming rate" of data breaches and targeted attacks, the firm said. The widely reported Global Payments breach cost more than $94 million and is "still climbing," to give one example. Meanwhile, targeted attacks--such as allegedly government-backed attacks and other "children of Stuxnet"--are being used to attack high-value targets, notably with the discovery of Flame, Duqu, and Gauss, which derived from the "original" Stuxnet worm.

  • Rather than using existing attacks, attackers used more professional software-development practices, the company said, by using Blackhole Exploit Kit (BHEK), Automatic Transfer Systems (ATS), and "improved" ransomware.

Topics: Security, Android

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • No Android no cry...

    Are you remember song "No Woman no cry"? Time for modern version ;)
    • So much for Linux security

      Time to bury the myth.
      • What does the Linux Kernel

        have to do with anything.
        • yes yes

          Today Linux is a kernel and yesterday was 'safest os on the planet earth'... where is Dietrich T. Schmitz when we need him?
          • Source

            Where did DTS say Android OS was the safest?
          • who says somthing about android?

            I write "Linux" not "Android", see a difference here?
          • Are these users

            downloading the malware and installing it.. From prev comments pertaining to windows its not the OS fault for what user downloads onto the os.. But this does not include exploiting the system, 3rd party exploits, worms)
            Anthony E
          • RE: Are these users

            Like always there is malware who need user interaction and there is malware who exploit OS vulnerability and works whit out user attention, here you can find both:

            This is only small sample.
          • where are you mr. edit button?

            Just look on front page:
            Families that contain Root-Exploits 18,3 %
            You know what that's mean, do you?
          • Yes to use the same methods other people use

            to root the phone but the payload will do it and install there payload into the system w/o restrictions. Just like a rootkit but a rootkit has be executed or installed onto the end system just like those have to be install on the phone.. Not denying there's malware but they have to be downloaded and installed by the end user to work.
            Anthony E
          • fun to read, Mr.SV

            "In 2012 our Mobile-Sandbox analyzed over 300,000 Android applications that were submitted by mostly anonymous users, Anti-Virus-Companies and by our own. Within this huge amount of data our system detected nearly 43,000 malicious and unwanted applications"
            It would more imposing to have 300K malicious apps out of 43K apps submitted.
            Can we see any those malicious apps, at least from the Google play?
          • Re:Can we see any those malicious apps, at least from the Google play?


            And there is much more, this scanner:

            Catch only 15 percent of malware, please do some research on your own.
          • I can see only two

            GTA, Super Mario? out of 40,000? Com'on. Moreover, there is an app right now called GIA (Italian cuisine or something)
            This app wants to know location, make phone calls, services that cost you money, full network control, modify/delete sd card content.
            Conclusion: don't install this crap even if it's not a malware.
            Like I said, use your own brain
          • Re:OnlyTwo

            I give you only two, but if you do some research, then find more, sorry, but you know what they say about fish and fishing rod ;)

            And I agree with you... to some level. Average user have little knowledge about malware, what is good and what is not. You must remember one thing, for most people, this is just a phone, not computer, not OS, so they even are not aware of 'danger' from this side (app/android/phone).

            I see many topic on random board where someone write "on my billing is huge price from premium sms service, service I never use"... Live my friend.
          • 2 out of 40,000

            is .0000005 % I am not saying these don't exist. I would like to see larger sample with links and statistics of the the infection percentages.
            As I said earlier, a better way of evaluating the threat is to sample users' devices to analyze how many got hit by this or that. Personally, I have to meet a single Android user to get infected and in the meantime I hear people complain about their Windows infections happening here and there.
          • ".0000005 %" is wrong, should be 0.005%

            edit functionality is not present
          • adware

            adware is about 30% of what they class as malware.
            pure adware should not be classed as malware otherwise free-to-air TV contains 100% malware.
          • Adware

            FTA TV is 85% Malware/Adware.
          • The files on the site are standard apk..

            Which can be downloaded from market or unknown sources.. None show exploiting the system to install themselfs.. They show they can exploit the system after installation.
            Anthony E
          • The argument has been Linux is SAFE in addition to secure

            It's no longer safe as, like Windows, it has a large enough market share to warrant the attention of malware authors. Hey...that sounds familiar.