Android Malware Triples in Second Quarter. Or Has It?

By | Aug 17, 2012

Android malware has been a widely discussed topic in the past year, with news reports fueling most of the public's privacy concerns. In a press release, Kaspersky Labs, a trusted antivirus maker, warns users of a threefold increase in malware during the second quarter of 2012. Although this information sounds extremely alarming, the malware threat might not actually be as bad as it seems. In fact, security firm F-Secure believes that malware levels only saw a slight jump when measured during the same time period. The discrepancy between the two reports means one of two things--either one firm is lying, or the firms are taking measurements using completely different methods. According to an article by PCWorld, the latter is true.

According to the Kaspersky press release, 14,923 new threats, formally called "unique samples," were detected between April and June--a stark increase from the 5,411 that were identified in the first quarter. Furthermore, almost half of these identified viruses were Trojans, which are known to steal contact information, email addresses, and phone numbers.

To make matters worse, 18 percent of the new threats were of the backdoor variety--malware designed to give cyber criminals complete control over the device. This enables the smartphone to be used as part of a bot network, where it can launch its own spam and malware. Kaspersky added, "Judging from existing trends, we should expect that cyber criminals will soon shift to more personalized attacks. This is primarily about malware hunting for confidential data with which to steal money from users' credit cards."

Despite the impending doom predicted by Kaspersky Labs, the F-Secure report paints a vastly different picture. F-Secure found 40 new malicious Android application package files (APKs), representing a 64 percent increase from the first quarter. Moreover, only 19 of those 40 applications were completely new, with the rest being deviations of known threats.

So which report should IT pay attention to? Security analysts believe that F-Secure's method is far more accurate. The advantage of measuring APKs over "unique samples" is that the results aren't overly inflated. For example, changing a single letter in a string of code would produce a file that Kaspersky flags as a new "unique sample." Realistically, these two samples should be treated as one.
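The counting difference described above can be reproduced on a small scale. The following is an added example, not code from either vendor: it assumes a "unique sample" is a distinct file hash, and it uses a simple byte-shingle similarity as a stand-in for family grouping (neither firm's actual method is described in the reports). The sample byte strings are constructed.

```python
import hashlib

def shingles(data: bytes, k: int = 4) -> set:
    """All overlapping k-byte substrings of a sample."""
    return {data[i:i + k] for i in range(len(data) - k + 1)}

def jaccard(a: set, b: set) -> float:
    """Set overlap in [0, 1]; 1.0 means identical shingle sets."""
    union = a | b
    return len(a & b) / len(union) if union else 1.0

def count_unique_samples(samples) -> int:
    """Assumed 'unique sample' metric: one count per distinct SHA-256."""
    return len({hashlib.sha256(s).hexdigest() for s in samples})

def cluster_families(samples, threshold: float = 0.7):
    """Greedy grouping: a sample joins the first family whose first
    member (the representative) is at least `threshold` similar."""
    families = []  # list of (representative shingles, members)
    for s in samples:
        sh = shingles(s)
        for rep, members in families:
            if jaccard(rep, sh) >= threshold:
                members.append(s)
                break
        else:
            families.append((sh, [s]))
    return [members for _, members in families]

# Constructed stand-ins for app code: two base programs plus
# variants that differ from their base by a single byte.
FAMILY_A = (b'const-string v0, "http://c2.example/a"; '
            b'invoke sendTextMessage; invoke getContacts; upload')
FAMILY_B = (b'invoke getDeviceId; open socket; write imei; '
            b'start remote shell listener on port 4444')
SAMPLES = [
    FAMILY_A,
    FAMILY_A.replace(b"/a", b"/b"),
    FAMILY_A.replace(b"/a", b"/c"),
    FAMILY_B,
    FAMILY_B.replace(b"4444", b"4445"),
]

if __name__ == "__main__":
    print("unique samples (by hash):", count_unique_samples(SAMPLES))
    print("families (by similarity):", len(cluster_families(SAMPLES)))
```

The same five files yield five "unique samples" but only two families, which is the kind of gap that separates the two reports' headline numbers.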

That being said, IT should recognize that a 64 percent increase in malware is still reason for concern--even if these levels haven't exactly tripled. With BYOD quickly becoming the industry standard, businesses should be worried that company information will fall into the wrong hands. In fact, the Kaspersky study found that Spy Trojans were a currently small but growing threat. Spy Trojans are masters at stealing banking information, a danger that will undeniably be amplified once mobile payment systems begin to gain traction.

Since Android malware seems to be growing with no end, IT might actually want to enforce an outright ban on all Google-based devices. Recent figures have shown that 98.5 million Android smartphones were shipped during the second quarter of 2012, nearly triple the number of Apple iPhones. The general consensus is that criminals will continue to target the Android platform as long as it holds the dominant market share in mobile phones, a phenomenon that has proven true with Microsoft software in the computing industry. If an Android ban is deemed too drastic, then the implementation of mobile-device-management (MDM) software and mandatory antivirus protection is a must.

Finally, the disparity between these two reports indicates that midsize firms should never read too much into the headlines. These articles are often written to drive views, feeding off of alarming statistics and scare tactics. Instead, IT professionals should fully understand the data themselves, before assessing the impact that it will ultimately have on them.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.
