One of the stories, Android Second Most Widely Targeted Platform by Hackers After Windows, is based on a report from Hewlett Packard which shows that Android has become the second favorite target for malware writers after Windows. HP researchers counted some 4.5 million unique Android malware samples in 2015, a number that was many times higher than the 70,000 unique iOS malware samples they counted over the same period. Year over year, Android malware grew at a staggering 153%. Considering just how widely used Android systems are, it should come as no surprise that bad actors are going after it in such a big way. But that’s not much consolation for those forced to deal with the security issues.
If the growth in malware is not worrisome enough, another report featured in Android Secured last week, this one from the Ponemon Institute, showed how expensive such malware could be for organizations. Ponemon surveyed 588 IT professionals from Fortune 2000 firms and found that organizations on average spend $9,485 remediating malware from a single infected mobile device. The survey showed that the costs associated with investigation, forensic analysis, help desk and other malware-related issues can add up pretty quickly. In fact, when malware is used to steal data or employee credentials, the remediation costs increase sharply to $21,042 per device. Check out Mobile Malware Costs Enterprises $9,485 Per Device for more details.
The really significant report, though, is from Appthority. The report, summarized in Android Secured as Data Leaking Apps Are a Bigger Immediate Threat Than Mobile Malware, shows yet again that data-leaking apps pose a more immediate threat to corporate data security than Android malware. An alarming 87% of the hundreds of thousands of Android apps that Appthority analyzed exhibited leaky behavior like transmitting device ID, location, calendar, address book and SMS information. Nearly the same number of apps tracked and collected user location data, while 11% exhibited truly malware-like behavior like compiling a list of all apps on a device and executing commands outside the application sandbox.
Together, the takeaway from the three reports is simply this: Android malware is a growing risk, but pay attention to the apps that your users download as well. For the moment they present the greater danger.
In other news, our reports titled Malware Writers Slip Acecard Banking Trojan into Google Play Store and Porn Clicker Malware Tests Google’s Ability to Keep Bad Apps Out of Play Store both highlight how threat actors are increasingly finding ways to slip malware into the hitherto secure Google Play mobile app store. Acecard is a sophisticated banking Trojan that security vendor Kaspersky Labs has been tracking for some time. The malware has been used in more than 6,000 attacks already and was recently seen disguised as a legitimate app in Google Play, according to Kaspersky. The porn-clicking app is another example of malware writers infiltrating Google Play with malicious software disguised to look like legitimate applications. In this particular case, the authors of the malware have managed to evade Google’s filters for seven months.
We know at BlackBerry that security on mobile devices, particularly in the workplace, is paramount. So we wanted to let you know about Google’s yearly report, Android Security 2015 Year in Review, which outlines the improvements Google has implemented to increase the protection of Android devices and data, ensuring Android is the secure and trusted OS choice for businesses of all sizes. To discuss the details of the report, Google’s Lead Engineer for Android Security, Adrian Ludwig, is hosting a Hangout on Air on April 5 at 10am PST. Register now at https://goo.gl/nGBIYs to join Adrian and learn about the many security features recently added to Android.