The latest round of news popping up in the media about the growth in the malware threat on Android can largely be attributed to reports released by security software companies, such as the recent McAfee report. These companies clearly have a vested interest in frightening consumers and encouraging them to download and install security software. In reality the risks are relatively limited provided that you are cautious. However, the malware aimed at the Android platform is growing more sophisticated all the time.
Is This Scaremongering?
To a certain extent yes. The security companies obviously need to talk up the threat because they directly benefit by selling software that curtails it. It is also in the interests of other mobile platform providers to point out weaknesses in the Android OS. Right now it is extremely unlikely that you’ll fall prey to any Android malware and you can reduce the risk further by exercising some caution (more on that later).
While the risk may be getting exaggerated there is undeniably a risk. McAfee attributes top spot to Android in terms of mobile attacks in the second quarter of 2011 after a 76% increase in identified malware. Android takes over from J2ME in the list.
There are a couple of big reasons that Android has taken the undesirable top spot in terms of mobile malware.
Firstly, Android has become the most popular mobile platform overall. Cyber criminals will obviously target the most popular platforms because they represent the best chance of a good return. This is a simple numbers game.
Secondly, and of much greater concern for Google, the way that Android is set up allows for malware threats that you simply won’t find on iOS on the iPhone. This is all about apps. As we discussed before when asking whether most Android apps are garbage, there is no real quality control in the Android Market. Developers can release an app without going through a submission process and so malware apps can make it into the Market. They are usually identified and removed very quickly but this is a major concern for Android users. It’s worth noting that Google has claimed they are taking further measures to prevent the distribution of malware apps and that newer versions of the platform are unaffected.
The problem with Android apps is made worse because you can side-load apps. This means you can directly install any app from any source onto your Android phone. When people use sources other than the Android Market to install apps there is a much greater risk they will unwittingly download something dodgy.
So What Are These Threats?
The term malware is just a catch-all shortening of malicious software. It is a vague description. So what form are these Android malware threats actually taking?
The most obvious category is apps created by the criminals that are presented as legitimate apps. These could be anything from fake bank apps to calendars to comedy apps. Once the app is installed it might do any number of things. It could send SMS messages from your phone to a premium rate number, it might try to steal details about you or your contacts, or it could even just pave the way for further malware to be installed without your knowledge.
Tougher to spot is the modified legitimate app. This is when hackers will get a hold of an existing real app which is hosted on a third-party app site (i.e. not the Android Market) and modify it. This is a good reason not to download apps from potentially insecure locations.
Recent threats have become even more devious. There is the possibility of releasing a legitimate app that actually does what it says without a malware angle, but to then release the malware as part of an update to that app. There have also been attempts to present malware as security software that will remove malware! This is already pretty common for computers and it’s now making the move to smartphones.
Android Malware Prevention
There are some simple steps you can take to avoid malware threats. As you can see the threats all involve users choosing to download and install something on their phone. You can immediately reduce the threat by only downloading apps from the Android Market. You should read up on how to use the Android Market safely for more important tips.
The main thing to keep in mind is permissions. Android has a unique system when it comes to installing apps and it is part of the open ethos that the platform is built upon. Every app that you install on your phone will ask for permission to access various aspects of your phone’s functionality. You need to check this list and watch out for anything suspicious. Do not just blindly tap accept and assume it will all be fine.
I Can’t Be Bothered
When people talk about the iPhone being part of a closed eco-system where everything just works, and minimal user input is required, this is the kind of thing they are talking about. Personally, I love the open nature of Android and the fact that there are no barriers to developing on the platform. I also like to make my own decisions about what to install. However, many people do not want to be bothered with things like permissions. They don’t want to have to make a judgement or research an app before they install it – they just want it to work. They also assume that because it comes from a trusted source, like Android Market, that it must be okay.
As Android continues to grow there’s no doubt that it has penetrated the mass market. For a healthy future people’s expectations of a secure and intuitive platform must be met and this is one area where Google may be forced to take some action.
- McAfee, http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q2-2011.pdf
- Huffington Post, “Google’s Android Most Popular Target for Mobile Malware: Report”, http://www.huffingtonpost.com/2011/08/23/android-mobile-malware-target-_n_934088.html
- Image and screenshots by author.
- Information Week, “8 Notorious Android Malware Attacks”, http://www.informationweek.com/news/231300257