Android becomes second most popular malware haven in Q1
Summary: McAfee noted that Android devices are becoming malware havens. Android was the second most popular environment for mobile malware behind Symbian in the first quarter. Historically, Android remains No. 3.
The first quarter was the most active in malware history and mobile attacks are moving to the forefront, according to McAfee data. Android attacks are also picking up.
McAfee's first quarter threat report noted that attacks surged in the first quarter, but spam has fallen. In fact, there were 6 million unique malware samples in the first quarter, the highest ever for the first three months of the year. February had the most new malware samples: 2.75 million.
Fake anti-virus software (think Mac Defender) reached its highest levels in March with 350,000 unique samples.
As for emerging threats, McAfee noted that Android devices are becoming malware havens. Android was the second most popular environment for mobile malware behind Symbian in the first quarter. Historically, Android remains No. 3.
McAfee Labs combats several developing families of malware that attack Android phones. One of the families, Android/DrdDream, comprises a variety of legitimate games and apps that have been injected with malicious code. These threats are unique and quite dangerous due to the use of two root exploits to gain greater control of those phones. The two exploits—Exploit/LVedu and Exploit/DiutesEx—were initially used by users trying to gain legitimate root access to their own devices, a process commonly referred to as rooting. In the PC world, malware often uses exploits to enable drive-by downloads that infect machines visiting specially designed or compromised websites. For mobile devices, much of the malware has required user interaction, but in the near future mobile exploits will certainly allow automatic malware installation.
Like Android/DrdDream, the Android/Drad family is made up of maliciously modified applications. This family sends device information to an attacker-controlled site. Just like in the PC malware world, Android/Drad listens for commands from the attacker. The malware can also download additional software, though it stops short of being a full-fledged mobile botnet. It appears that the malware uses blackhat search-engine optimization techniques, a process of manipulating search engine results to place dangerous sites higher than they should appear in lists of hits.


Talkback
B-b-but it's linux!!
RE: Android becomes second most popular malware haven in Q1
What does LSM have to do with Android? Who lied to you?
RE: Android becomes second most popular malware haven in Q1
Android was supposed to be built upon the Linux Kernel
It is called AppArmor
And when Google adds it to Android and/or a 3rd party does, it will do as it states. I would suspect that Google will be forced to use this sooner rather than later.
http://en.wikipedia.org/wiki/AppArmor
RE: Android becomes second most popular malware haven in Q1
No it isn't.
And neither is Vista/Windows 7 now that they have moved to the same model of real NON-Root/Admin operation. A virus is a self installing, self replicating piece of code installed with no user interaction. If it requires user interaction to install it, it isn't a virus. Any operating system can have malware installed if the user happily installs it.
RE: Android becomes second most popular malware haven in Q1
It's good that you know your computer history. So here's a historical fact: No other operating system has been as susceptible to, and affected by viruses/trojans/scripts/malware than MS Windows.
In the history of computers, no system has sustained as much damage and digital gore as computers running that oh-so-delicate OS.
So, while you can say that (technically) every system is susceptible to worms and virii, Linux based computers will retain the title of safe havens for computer users. I strongly recommend that users choose the safest environment available to work in- which ain't Windows.
Linux is NOT UNIX ...
UNIX is protected by copyright, not patent. As such, anyone could build an OS that behaved the same way as UNIX - as long as the author did not violate the Bell Labs COPYRIGHT by stealing UNIX Source Code.
FreeBSD, for instance, is a variant of 4.3 BSD (a UNIX variant developed at UC-Berkeley) which has been stripped of all the original AT&T UNIX source code.
Long before Linux, most UNIX utilities were "cloned" into GNU utilities (GNU = Gnu's Not Unix).
Linus Torvalds later developed the Linux kernel under the GNU Public License so the kernel and the GNU utilities could be distributed as a completely UNIX-source-code free OS which behaves like UNIX but is NOT UNIX.
ALL operating systems are susceptible to attack. This is inherent in any OS because the author of the OS has to design the OS with certain assumptions in mind about how it is to be used. Software designers cannot contemplate every possible way that the human mind can devise to MISUSE the original software so ...
As the number of people with knowledge of the internal workings of the software grows, the number of hackers grows. As the number of uninformed users grows, the temptation for hackers to write malicious code (for fun and profit) grows.
RE: Android becomes second most popular malware haven in Q1
The first was developed in HP labs for testing and hardware diagnosticstheir OS in 1974. The project was canceled due to difficulty of control.
The systems did not run UNIX.
RE: Android becomes second most popular malware haven in Q1
Yes, the old "if it doesn't self install/self replicate it's not a virus" factoid about viruses. Admittedly, malware that self installs and self replicates is a very disturbing form of malware. The thing is, who really cares that much, it's all bad crap.
Too often the "if it doesn't self install/self replicate it's not a virus" has been waved about like a moniker of pride by OS users that are not susceptible to self installing viruses. I say too often because it's kind of like telling someone the reason they went off the road wasn't because of a flat tire, it's because the tire literally came off the rim. Sure, it's nice to be able to sit around and brag about any OS that is not susceptible to viruses, but if it's going to be bragged about it needs to be discussed in terms of the fact that just because you cannot get a virus, you can be still quite susceptible to other forms of malware that could result in terrible things happening to you that are far worse than what the typical virus does.
So who really gives a flip flying whatever exactly what it is that makes a virus a virus. Let's just make it plain for fanbois of every color; NO OS is bullet proof and any OS can get malware on it that could ruin you if you don't do the right things.
It almost feels like we are getting to a place we should have been years ago, and that's the fanbois of certain OS's admitting they are just as susceptible to dangerous attacks as anyone if the blackhats decide what you are running is going to be their next target.
@Cayble
Nope, it's like telling them they didn't go off the road because of a flat tire but because they drove themselves off of it.
RE: Android becomes second most popular malware haven in Q1
malware cannot affect kernel .. u moron
User installed malware,
And the dullards and simpletons keep believing it.
RE: Android becomes second most popular malware haven in Q1
If you don't go download crazy and install apps from random weird places online you shouldn't have a problem. You can make the Android phone far more secure than any other phone on the market. There are firewall programs out there for the Android that will let you see exactly what is going in and out on the phone and what apps are doing the sending and receiving. Whisper Systems offers several free programs to up the level of security on your Android phone. You can also encrypt all your SMS messages and you can encrypt all your phone calls for free as well. So right now Android is coming out far ahead in security compared to any other phone currently on the market. Not to mention doing it for free as well.
http://www.whispersys.com/
Apple, Blackberry and Windows have nothing like this to protect their users. In fact Apple has been accused of pulling tracking data from users' iPhones that tells them exactly where the iPhone has been and at what times. I believe that Windows had a similar type of problem in the past as well.
The bigger problem for corporate phones is how insecure all cell phones and smart phones are. You can set a password on your phone and I can hook up a data cable to it and dump everything on any cell phone in 10 seconds to as long as 10 minutes on any phone. The longest would be the iPhone 32gig just because transferring 32 gigs of apps and books takes a little time. It doesn't matter what you set a phone to do or password protect. Anyone who gets access to your phone can dump everything and you would never know it happened.
http://www.cellebrite.com/
Unless your corporate phone has something to encrypt all the data on it, it can be dumped in nothing flat. None of the phones but the Android now have that option. That is a special device to dump every phone in existence. If you have all the different data cables and some free software you can do the exact same thing with a laptop and nothing any of the phones do currently will stop you. Now that there is this software for Androids to completely encrypt every single piece of data on them, it makes the Android far more secure than any other phone currently on the market. This should scare the crap out of corporations to know that none of their cell phones are safe. You think you can remote wipe it? I just remove the SIM card and dump the phone. I could just swipe your cell phone for a minute or two while you're not looking and dupe the whole phone. Scary stuff for corporations with sensitive data on their cell phones.
RE: Android becomes second most popular malware haven in Q1
https://market.android.com/details?id=com.maildover.eurotrap&feature=search_result