Android Malware surges 472%, growth expected to continue

Google's Android operating system has become a major target for malware. So much so that the number of malware apps has increased 472% since July of this year, according to Juniper Networks. Juniper claims that most of the explosion occurred between September and October and that it expects the infiltration rate to keep growing in the coming months.

According to Juniper, "The majority of malicious applications target communications, location, or other personal identifying information. Of the known Android malware samples, 55%, acts in one way or another as spyware. The other major type of attack, which make up 44%, are SMS Trojans, which send SMS messages to premium rate numbers owned by the attacker in the background of a legitimate application, without the person's knowledge. Once these messages are sent, the money is not recoverable, and the owners of these premium rate numbers are generally anonymous."

At this time, there is no way to stop the Android malware writers because of Google's open applications store model and current review process.

Read more »

‘Battery Upgrade’ malware shows users how to make their phone vulnerable

Is anybody feeling some 90s nostalgia right about now? It seems like hardly a day goes by where we don’t hear about some sneaky new way for hackers and identity thieves to compromise incautious Android users’ phones. The latest is a “battery manager” app that not only compromises your data, but gives you a quick lesson on how to open up the “unknown sources” app install method your phone for easy exploitation. Once installed the app steals your phone number, email address, unique IMEI code and other personal information.

The app is going by both “Battery Doctor” and “Battery Upgrade”, mimicking popular (and legitimate) apps like Juice Defender and Power Manager. It’s being advertised, presumably via paid ads, on real apps like Scrabble right now. That sets a disturbing precedence for normally harmless ad networks, but it should make it pretty easy for administrators to quickly shut down its primary method of distribution. Adding insult to injury, the app places permanent ads in the pull-down notification bar once installed, which almost certainly drains the battery even faster.
We can’t say it enough: never download an Android app from a source that you don’t completely trust, just like on any operating system. We’re huge fans of Android’s expandability around here, not to mention frequent users of non-Market apps, but it’s an indisputable fact that it’s become the primary vector for malicious apps like the recent fake Netflix data miner. Spread the word to your less technically-inclined friends to keep them from becoming digital victims.

Read more »