A tone called mal­ice

An­droid de­vices are in­creas­ingly un­der at­tack from the scourge of mal­ware, writes Rod Ch­ester

Herald Sun - Switched On - - Gadgets -

FOR users of the 900 mil­lion Google An­droid gad­gets cir­cu­lat­ing the globe, statis­tics on the dra­matic rise of An­droid mal­ware are alarm­ing.

Se­cu­rity com­pa­nies, in­clud­ing Ju­niper Net­works and Bit­de­fender, re­port an ex­plo­sion in An­droid mal­ware, with Trend Mi­cro pre­dict­ing An­droid mal­ware cases will hit 1 mil­lion by the end of the year.

But there are those, such as Google en­gi­neer Chris DiBona, who say caus­ing alarm is the mo­ti­va­tion for the anti-virus com­pa­nies, who iden­tify the prob­lem then mar­ket prod­ucts to ad­dress it.

Back in 2011, DiBona notably at­tacked anti-virus com­pa­nies as play­ing on con­sumers’ fears.

Google tack­led the prob­lem of mal­ware when it launched its Bouncer scan­ner to de­tect mal­ware in apps on its app store, Google Play. New An­droid soft­ware, Jelly Bean, also scans for mal­ware in apps in­stalled from out­side the store.

Trend Mi­cro se­cu­rity re­search global vice-pres­i­dent Rik Fer­gu­son iden­ti­fies this as the se­cu­rity in­dus­try’s ‘‘ em­bar­rass­ing prob­lem’’.

‘‘ For years, they’ve been warn­ing ‘ mo­bile mal­ware, it’s com­ing’ and yet the dangers have not reached a crit­i­cal point,’’ Fer­gu­son says. ‘‘ We have a prob­lem per­suad­ing the world at large that we are not crying wolf yet again.’’

Bit­de­fender chief se­cu­rity re­searcher Catalin Cosoi says the flaw in the ar­gu­ment that an­tivirus com­pa­nies are over- hyp­ing the prob­lem to gen­er­ate sales over­looks that some an­ti­mal­ware tools are free.

‘‘ Peo­ple be­lieve we’re mak­ing up statis­tics so we can scare them into us­ing our prod­ucts,’’ Mr Cosoi says.

‘‘ We don’t make up statis­tics. We say this is the prob­lem. Yes, we would love them to use our prod­uct but we’re not push­ing that.’’

Help­ing to per­suade scep­ti­cal An­droid users that the threat is real is a grow­ing num­ber of stud­ies show­ing mal­ware apps spread­ing.

We­don’t make up statis­tics. Wesay this is the prob­lem

Trend Mi­cro’s March re­lease shows of the 2 mil­lion An­droid apps it ex­am­ined, 293,091 were out­right ma­li­cious and 150,203 were high-risk.

One of the points made in play­ing down An­droid mal­ware risks is that it mainly af­fects those who down­load apps from Rus­sian and Chi­nese app stores.

But the Trend Mi­cro study found that of the 293,091 ma­li­cious apps, 68,740 were in the Google Play app store.

F-Se­cure Labs last month pub­lished its Mo­bile Threat Re­port for the first quar­ter of 2013 which iden­ti­fies the An­droid Tro­jan Stels as a ‘‘ gamechanger’’. It uses a fake email, claim­ing to be from the US In­ter­nal Rev­enue Ser­vice, to ob­tain sen­si­tive in­for­ma­tion from the An­droid de­vice and di­rect­ing it to SMS pre­mium num­bers owned by the hack­ers.

The re­port also iden­ti­fies the first con­firmed tar­geted at­tacks in the mo­bile space, with Ti­betan hu­man rights ac­tivists tar­geted with an An­droid mal­ware-in­fected at­tach­ment.

Cosoi says the launch of Bouncer re­duced mal­ware from the Google Play store but there were new risks for An­droid users, namely le­git­i­mate apps with ‘‘ ag­gres­sive ad­ware’’.

He says step one for An­droid users want­ing to pro­tect them­selves was to look at the per­mis­sions apps re­quired be­fore in­stal­la­tion, or by us­ing a free tool such as Bit­de­fender’s Clue­ful app to ex­am­ine in­stalled apps.

Cosoi says it makes sense for some apps to re­quire a wide range of per­mis­sions, such as check­ing your con­tacts or ac­cess­ing pho­tos, but for other apps need­ing just three per­mis­sions could be sus­pi­cious.

‘‘ For in­stance, why would a game need to ini­ti­ate phone calls?’’ he asks. Lis­ten up: An­droid users need to be wary of the in­crease in mal­ware.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.