According to the recently published Kaspersky Security Bulletin 2012, 99{af589cdba9d77786c8c861317dbad60bba1e2ebbf56e2ffab874a1b59fde9ce3} of newly discovered mobile malicious programs target the Android platform, with a very small amount targeting Java- and Symbian-based smartphones. 2012 was the second year to show explosive growth in Android malware. From a negligible eight new unique malicious programs in January 2011, the average monthly discovery rate for new Android malware in 2011 went up to more than 800 samples. In 2012 Kaspersky Lab identified an average of 6300 new mobile malware samples every month. Overall, in 2012 the number of known malicious samples for Android increased more than eight times. |
The majority of Android malware can be divided into three main groups according to functionality. “SMS Trojans” drain victims’ mobile accounts by sending SMS texts to premium-rate numbers. Backdoors provide unauthorized access to a smartphone, making it possible to install other malicious programs or steal personal data. Spyware targets the unauthorized collection of private data, such as address books and passwords (or even personal photos in some cases). In the first half of 2012, Backdoors, SMS Trojans and Spyware combined accounted for 51{af589cdba9d77786c8c861317dbad60bba1e2ebbf56e2ffab874a1b59fde9ce3} of all newly discovered Android malware. In the Top Ten chart of Android malware that was blocked by Kaspersky Mobile Security or Kaspersky Tablet Security, SMS Trojans are the most widespread, with applications showing unwanted ads to users in second place. Less widespread but by far the most dangerous are mobile banking Trojans that often work in conjunction with their desktop counterparts, as was the case with Carberp-in-the-Mobile.
The Android platform allows software installation from untrusted sources, and one of the best ways to guarantee an infection is to install programs from suspicious websites. However, malware on the official Google Play application distribution platform is another trend that started in 2011 and continued in 2012, despite Google’s best efforts to reduce cybercriminal activity. One of the most unusual examples of mobile malware in 2012 was the “Find and Call” application that managed to sneak into the Google Play store as well as Apple’s application store.