Snapshot
Android devices, tablets and smartphones, are the most targeted mobile OS for mobile malware attacks and for valid reasons. Cummulative mobile malware attacks have jumped 3,325% from June to December 2011, for Android devices. Their rise in malware attacks comes from not only comes from their correlating rise in market share but mostly due to their open app marketplace model. App developers can see their apps almost immediately available in the Google Play Store without any inspection or evaluation for malware. Windows Mobile and Symbian devices are also highly susceptible to attacks from Java ME apps, this app platform was found have the second highest number of mobile malware attacks in 2011.
Key Points
- The rise in mobile malware attacks for Android smartphones and tablet, the most of any mobile OS, has been rapid. In June 2011, there were only a cummulative 400 malware samples found targeting the Android platform, but the massive increase in December 2011 brought the cummulative malware samples number to 13,302, a 3,325% increase.
- Android being the most target mobile OS does correlate with the fact that it is allow the leading smartphone OS by subscriber market share.
- Android’s open app marketplace model is another reason for such a high number of mobile malware attacks, which basically allows an app developer to post an app in the Google Play Store and see it made available almost immediately without any inspection or evaluation for malicious apps.
- Android however does remove apps that are malicious, but only after they have found, post-launch. This process takes a few days, thus making it still advantageous for attacks to post malicious apps.
- The Android OS also allows for the download of apps from any third-party app store, which increases the flexibility for user app downloads but all leaves them open to more security risks.These third-party app store are more popular in Eastern Europe and China, and make a little to no effort in monitoring of malicious apps.
- Finally, there is a time lag between the actual availability of security updates posted by Google for their Android OS and the deployment of these patches by mobile device manufacturers to their customers. The lag occurs because the patch is originally made for the Android OS which is usually customized by the mobile device manufacturers for their devices, requiring a different version of the patch to created or leaving not available update at all.
- Aside from Android devices, Symbian and Windows Mobile devices are also very susceptible to mobile malware attacks as they are able to run Java ME apps, a platform that is second behind Android in the number of mobile malware attacks.
- From 2010 to 2011 there has been a 49% increase in the number of mobile malware attacks on Java ME apps. A total 3,851 new Java ME malware samples were found in 2011, even though market shares for Symbian and Windows Mobile devices have significantly declined.
- Growth in malware attacks on RIM BlackBerry devices very low, but these devices are open to a strong threats from variants of the ZeuS Trojan. A type of mobile malware that engages in online banking sessions by using the user’s record personal data.
Source Juniper Networks (February 12, 2012)
Respondents & Study Method An analysis of 793,631 apps and other vulnerabilities relating to major mobile device operating systems, 2011. The malware sample library used to assess mobile security threats had +28,000 malware samples.
Reference Juniper Networks
Image Surgical mask by GMF-Productions
No comments:
Post a Comment