Malicious apps, mobile malware reaches 1 million mark

Malicious apps, mobile malware reaches 1 million mark

Summary: According to Trend Micro, there are over one million malicious applications currently up for download on the Android market.


There are over one million Android-based questionable and malicious applications in the wild, security researchers say.

In a blog post, Trend Micro's Gelo Abendan says that in 2012, over 700,000 malware and high-risk apps were found online. Due to Google's Android operating system expansion and popularity, the firm predicted that this number would reach the one million mark in 2013 as hackers sought to cash-in on Android and mobile devices.

The security firm's researchers say that this prediction has now come to pass.

According to Trend Micro Mobile App Reputation Service feedback, there are now over one million malware and high-risk applications in the wild. While mobile malware includes premium service abusers and risky apps may push advertisements that lead to dubious sites or replicate popular, legitimate apps in order to steal data or financial information, 75 percent of the examples found performed "outright malicious routines," while 25 percent "exhibit dubious routines," which include adware.

The researchers say that among mobile malware, FAKEINST and OPFAKE were discovered the most, claiming 34 percent and 30 percent of examples respectively. FAKEINST malware is generally disguised as legitimate applications, and are known to be premium service abusers -- sending costly text messages to services without a user's permission and incurring high costs as a result.

Rovio's Bad Piggies game, significant popularity among Android users, became part of a high-profile hijack by FAKEINST developers. Versions were created and released on Google Play right after the game's legitimate release. Although the clones were swiftly pulled, thousands of downloads took place. The malicious app asked for a number of extra permissions, including location, network communication, accounts, storage, phone call records, hardware controls and system tools.

OPFAKE is similar to FAKEINST, and also mimics legitimate apps -- but one variant, ANDROIDOS_OPFAKE.CTD, opens HTML files that ask users to download malicious files, as well as performing standard risky activities including premium service abuse.

On the high-risk application front, ARPUSH and LEADBLT lead the pack, accounting for 33 percent and 27 percent of the total number found. Both use adware and steal user information including operating system data, GPS location and IMEI -- the international code assigned to mobile devices.

The threat to mobile devices is not limited to personal data theft and adware, however. Trend Micro says that banking transactions performed on a smartphone or tablet are at increased risk, with the likes of FAKEBANK and FAKETOKEN malware threatening users.

Credit: Trend Micro

Topics: Security, Android, Apps, Mobile OS, Mobility, Smartphones, Tablets

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Open source.

    Open doors.
    Simon Tupper
    • Open or Closed Source

      By your comment, I assume you believe open source has more malware. Did I interpret your comment correctly? If so, can you provide more details.
      • Simon Tupper

        doesn't know what he is talking about, so never mind.
    • Like Windows, then?

      The ability of the user to screw up (give out their credentials or download trojans) is independent of the license of the code. The fully closed options aren't better, their users gets scammed via the browser instead.
    • Closed Sourced

      Secret doors
  • App Market Quantity Race

    In the much touted "quantity of apps" when choosing a tablet or phone, I've always read that iOS and Android each have a million apps. In the apps arms race, this was always used as a negative when speaking about Blackberry or Windows Phone.

    If there are a million "questionable" Android apps, does this mean that Android has at least 2 million apps -- 1 million genuine apps and 1 million deceptive apps?
  • Dear Cahrlie

    Please, if you happen to write about this, do some more careful analysis of the so-called "Android malware".
    First of all, when counting malware, one should differentiate, the downloaded apps and those that are downloadable. What are the methodologies? How do they get counted, in the first place? Is there any proof of them being real? Are there any lists, urls etc of those apps one can try out? If so, please publish them. What percentage of those apps end up getting downloaded by users eventually.
    Since all of those and many more questions are being touched upon by neither you nor the so-called "security researchers", you guys are simply spreading FUD.
    • sorry,

      1. No edit button.
      2. The subject box has a weird property and is not spellchecked by browser.
      3. zdnet, please, look up the word "competence" in the dictionary.
  • In the Wild Vs on Google Play

    How many of these are just 'out there' versus on Google Play's site? I always recommend to novice users to only download from Google Play. This sounds like a lot of FUD to sell software and get clicks onto this site.
  • Sales pitch

    If the numbers weren't scary, TM wouldn't have reported them.
    John L. Ries
  • Another scary headline huh?

    I don't necessarily think that the threat of mobile malware is over-hyped, but malware is also not going totally unaddressed either, as so many other reports imply for the sake of presenting a more fear-driven article. Last fall, T-Mobile partnered with Lookout to preload free malware- and virus-protection software into a ton of Android devices. A few weeks later, Airpush set the bar higher for all ad networks when it teamed with Appthority to scan and delete malware from its network. Overall, I think there's a problem but it's under control. And that's a win for mobile security.
  • Show me malware in Google Play or it doesn't count

    It's like saying the violence in Russia is increasing by the minute but unless you are in the threatened vicinity, it doesn't matter if you are Russian or not, it's insignificant to you.
    Likewise, the huge count of Android malware comes from dozens of dodgy appstores who copy the APKs of paid games and apps and inject their malware for suckers to download free. If you don't go near them, it doesn't matter how many they churn out.
    But it's great FUD though