Android malware numbers are exploding

The Android ecosystem is becoming a true heaven for malware software and malicious apps, Trend Micro warned. The Tokyo-based security company said that during the second quarter of the year, the number of malware samples found on Android-based devices was more than four times larger than the first quarter.

According to data from Trend Micro, 25,000 malware samples for Android were detected during the second quarter compared to the “only” 6,000 malicious specimen found in the first quarter of 2012. The number was far higher than the company initially estimated (11,000 malware samples).

Trend Micro numbers suggest that Bouncer, the security feature that Google advertised as a reliable protection for the Android ecosystem and marketplace (Play), has been pretty ineffective: during the second quarter 17 malicious apps were delivered via Google Play, and users downloaded them 700,000 times before their removal. Trend Micro foresees that in the third quarter of the year there will be 38,000 malware samples infecting as much Android devices, and about 129,000 samples during the fourth quarter.

“The growth in Android malware demonstrates sustained and focussed criminal interest in the mobile platform and particularly in the Android operating system”, Trend Micro’s Rik Ferguson stated. The “mobile web” will give cyber-criminals new avenues to pursue their malicious intents, the Japanese company said, so “consumers need to use care when downloading and installing apps and should be considering installing antimalware on their mobile devices”.

Source: The Inquirer.

Report a problem with article
Previous Story

Google hiring Chromebook specialists for retail sales

Next Story

Microsoft comes to Sydney, Imagine Cup takes over

52 Comments

Commenting is disabled on this article.

It is hilarious that people run Anti Virus software on their phone. It is the 21st Century and if you need AV on a phone then something is terribly wrong with that phone eco-system. 'Open' should not equal malware and viruses on a phone.

Maybe focus more keeping it open but just more safeguards into place, maybe a reviewing system that flags these, working hand-in-hand with people like Trend?

edit: ehh, nothing... it's really sad that one of the world's leading IT company with one of the world's leading mobile platform can't maintain relative security even on their own marketplace; this is far beyond trolling, android IS a menace

Edited by deleted_acc, Jul 6 2012, 3:56am :

Morden said,
edit: ehh, nothing... it's really sad that one of the world's leading IT company with one of the world's leading mobile platform can't maintain relative security even on their own marketplace; this is far beyond trolling, android IS a menace

Let's face it Google has no place in the Software industry right now unless they change their approach;
1) Chrome: Backwards-compatibility broken on every release => keep patching your websites
2) Android: this. Takes down with it: Google TV, ChromeOS and who knows what else.

Riva said,
1) Chrome: Backwards-compatibility broken on every release => keep patching your websites
Uh, no, that is not the case. Source please.

Kirkburn said,
Uh, no, that is not the case. Source please.

Uh yes, ask any unfortunate IT Administrator, internal systems developer, they will tell you that every time Chrome updates automatically, things "break".

Riva said,
things "break".

What 'things'? 'Things' is incredibly non-specific. Websites? Extensions? I would be extremely surprised to find that websites break from version to version of Chrome ... since it isn't true.

sexypepperoni said,
Not good for Android, not good. This will surely hurt them a lot.

Considering that the typical consumer has absolutely no clue about all this, no, it won't change a single thing. Not yet.

TheCyberKnight said,

Considering that the typical consumer has absolutely no clue about all this, no, it won't change a single thing. Not yet.

It will once Apple starts making ads highlighting Android malware.

TheCyberKnight said,

Considering that the typical consumer has absolutely no clue about all this, no, it won't change a single thing. Not yet.


true... everyone knows it.. so its not going anywhere...I think apple is more into trouble because of patent issues and more and more people are starting to hate apple. I thought to buy mac book pro but now i am having second thought.

Chica Ami said,
From 6000 malware to 25000 malware, that's a 316% jump. Amazing how the popular the OS gets the more malware it will follow. =D
sure does, since android got popular and virus infested, OSX got more popular and started getting decent hits in the malware front... I haven't heard those fanboys who claim their OS is the securest of all.
Android is a distro of that same OS and shows it doesn't help jack sh*t what kernel it runs on.

Not surprised. Head over to the XDA-Developers site, browse the forums and look at how many nobbs there are that no little if anything about their device, other than they want to root it because that makes it cool or some other dippy-doo junk. They run around flashing the roms on their device, with little regard, then, when they install some new app not on the store, or something someone gave them, it hoses their device, and they come crying for someone to fix it.
The older I get, the less I can tolerate stupidity. If you can't READ the directions & understand what you are doing, get a walled off device like a blackberry, iPhone or something similar. Leave those of us who know what we are doing alone. I have techs almost daily calling me with problems, and the first thing I ask is did you read the instructions. If the answer is slow in coming, or they say never mind, then I have my answer. My mom said it best when I was a kid. ANYTHING you want to know, it (was back then anyway) written down in a book somewhere, if you know how to read, you can figure it out. Malware, virus problems are 70-80% similar to a self inflicted gunshot wound. You did it to yourself.

As I said on the forums, when you install an Application the market should give you the opportunity to revoke some of it's privileges if you don't trust it, users should also pay closer attention to what they're installing. If an application is asking for access it patently doesn't need it's probably dodgy.

Javik said,
As I said on the forums, when you install an Application the market should give you the opportunity to revoke some of it's privileges if you don't trust it, users should also pay closer attention to what they're installing. If an application is asking for access it patently doesn't need it's probably dodgy.
There are apps that allow you to revoke privileges. There are also firewall apps like Droidwall. Unless I know the app strictly requires internet access (for instance if Neowin had an app) I block it. Angrybirds isn't malicious however, it doesn't need the internet so I block it. The plus to that is I also don't get ads. I have a hosts file to fall back on anyway for ads.

The issue is that phones these days are not just phones. They are full on computers for the most part. They actually contain more personal information than any home computer ever has on top of that. People need to start treating them as such. You don't go around installing every program you find on the internet on your computer without first checking it. People need to do the same with smartphones. I have a few apps used to make sure my phone is secure so everytime I install an app, if Avast doesn't catch it, the ad detector app will, my firewall will stop it, or I will check it's activity and network connections. Takes very little time.

article stated
during the second quarter 17 malicious apps were delivered via Google Play,

Sh it gets serious if the main provider delivers viruses.

Jose_49 said,

Sh it gets serious if the main provider delivers viruses.

no kidding, you would think google screens anything coming of their service like this.

sava700 said,

no kidding, you would think google screens anything coming of their service like this.


I do. But I know that the bigger an entity it gets, the more problem will rise.

We tracked a huge jump in Malware August of 2011, with a majority of them by passing the security software people were running on Android at the time, and also bypassing any Android security. (In fact using the Android security to inject them into 'trusted' code and installs')

A large number of 'official' Apps were being compromised by compromised routers and switches watching for the downloads and attaching malware, and because of the way Android doesn't properly verify the originating image to the installing image was given rights and installed in the normal update cycle.

There is a lot more malware on Android than most users realize, with it staying hidden and 'locked in' to secure locations, it tends not to be detected.

Anecdotal evidence can be seen if you spend time or know people that work for various carriers, as the floor reps are spending a lot of time wiping devices for customers, and sadly, there are few Apps that reinstall and bring back the malware, requiring time to remove all user installed Apps before they are installed when the user signs back into the clean device.

thenetavenger said,
We tracked a huge jump in Malware August of 2011, with a majority of them by passing the security software people were running on Android at the time, and also bypassing any Android security. (In fact using the Android security to inject them into 'trusted' code and installs')

A large number of 'official' Apps were being compromised by compromised routers and switches watching for the downloads and attaching malware, and because of the way Android doesn't properly verify the originating image to the installing image was given rights and installed in the normal update cycle.

There is a lot more malware on Android than most users realize, with it staying hidden and 'locked in' to secure locations, it tends not to be detected.

Anecdotal evidence can be seen if you spend time or know people that work for various carriers, as the floor reps are spending a lot of time wiping devices for customers, and sadly, there are few Apps that reinstall and bring back the malware, requiring time to remove all user installed Apps before they are installed when the user signs back into the clean device.

Actually android apps are digitally signed so any tampering with the apk would invalidate the package. Those that modify signed packages to apply as an update usually has to resign it again in some form in order to install it otherwise android will refuse it.

I just tracked a huge amount of bullsh*t in your FUD.

thenetavenger said,
We tracked a huge jump in Malware August of 2011, with a majority of them by passing the security software people were running on Android at the time, and also bypassing any Android security. (In fact using the Android security to inject them into 'trusted' code and installs')

A large number of 'official' Apps were being compromised by compromised routers and switches watching for the downloads and attaching malware, and because of the way Android doesn't properly verify the originating image to the installing image was given rights and installed in the normal update cycle.

There is a lot more malware on Android than most users realize, with it staying hidden and 'locked in' to secure locations, it tends not to be detected.

Anecdotal evidence can be seen if you spend time or know people that work for various carriers, as the floor reps are spending a lot of time wiping devices for customers, and sadly, there are few Apps that reinstall and bring back the malware, requiring time to remove all user installed Apps before they are installed when the user signs back into the clean device.

thenetavenger said,
We tracked a huge jump in Malware August of 2011, with a majority of them by passing the security software people were running on Android at the time, and also bypassing any Android security. (In fact using the Android security to inject them into 'trusted' code and installs')

A large number of 'official' Apps were being compromised by compromised routers and switches watching for the downloads and attaching malware, and because of the way Android doesn't properly verify the originating image to the installing image was given rights and installed in the normal update cycle.

There is a lot more malware on Android than most users realize, with it staying hidden and 'locked in' to secure locations, it tends not to be detected.

Anecdotal evidence can be seen if you spend time or know people that work for various carriers, as the floor reps are spending a lot of time wiping devices for customers, and sadly, there are few Apps that reinstall and bring back the malware, requiring time to remove all user installed Apps before they are installed when the user signs back into the clean device.

To the comment about huge BS, yes, its crazy. I am guessing you work at some kind of helpdesk and only half understand the techno-crap you are given to help callers feel better about why their device got f***ed up.

"using the Android security to inject them into 'trusted' code and installs" - Umm???

"compromised by compromised routers and switches" - I just about died laughing. I mean really? Are you going there? While it is possible for an evil router to do something like that, it has never ever happened in the history of the entire world. At best a router could change a script if it was less than 1.4k in size. Even that would be next to impossible. Injecting malware into a complied package? Come on?

I don't trust anything a company who makes its living off malware says about numbers of infections.

Plus Android AV apps are useless anyway given the fact that they can't actually remove malicious apps.

Boz said,
Use app store and you'll be good.. simple as that.

I think you must have skipped the part where 17 malware apps were loaded to Google Play and downloaded 700,000 times. Or were you referring to the Amazon App Store for android?

webdev511 said,

I think you must have skipped the part where 17 malware apps were loaded to Google Play and downloaded 700,000 times. Or were you referring to the Amazon App Store for android?

There are most likely the same amount of malware in App Store (they are just finding out new ones when they are wide spread) , it's just that Apple keeps everything under hush hush and doesn't let anyone do studies like this.. The point is that those apps get pulled immediately from either store. So yes, you are pretty safe if you use official app stores when you download apps unless you are 100% certain that the APK you are downloading from a 3rd party is safe.

Though as many have said, we should all be vary of these studies done by companies who sell you protection.

Bottom line is that malware will ALWAYS go through, especially as platforms get more widespread.. it's how fast it's being dealt with is the key thing. Both Google Play and App Store (and I assume Amazon App Store) react very quickly in pulling those apps down.

Edited by Boz, Jul 6 2012, 1:51am :

What does apple have to do with this?

Boz said,

There are most likely the same amount of malware in App Store (they are just finding out new ones when they are wide spread) , it's just that Apple keeps everything under hush hush and doesn't let anyone do studies like this.. The point is that those apps get pulled immediately from either store. So yes, you are pretty safe if you use official app stores when you download apps unless you are 100% certain that the APK you are downloading from a 3rd party is safe.

Though as many have said, we should all be vary of these studies done by companies who sell you protection.

Bottom line is that malware will ALWAYS go through, especially as platforms get more widespread.. it's how fast it's being dealt with is the key thing. Both Google Play and App Store (and I assume Amazon App Store) react very quickly in pulling those apps down.

rippleman said,
What does apple have to do with this?

He's a fanboy, of course he'll put up a competitor for comparison...

FarCry3r said,

He's a fanboy, of course he'll put up a competitor for comparison...

No.. it's called objectivity. The malware problem is not exclusively an Android problem. The point was that as long as you operate within the confines of App Stores you should be ok because those app stores are curated.

Boz said,

No.. it's called objectivity. The malware problem is not exclusively an Android problem.

No, it's called a red herring

Boz said,

No.. it's called objectivity. The malware problem is not exclusively an Android problem. The point was that as long as you operate within the confines of App Stores you should be ok because those app stores are curated.


erm, you seriously compare an app store that has legislation with people manually allowing new apps and an app store that automatically accepts all apps?

webdev511 said,

I think you must have skipped the part where 17 malware apps were loaded to Google Play and downloaded 700,000 times. Or were you referring to the Amazon App Store for android?

And malware has just been found on the iOS appstore too. No system is perfect. The thing is, Google can easily do a remote kill on market-installed apps.

Trendmicro is just trying hype things up to sell it's av products. As Boz said, stick to the official market, and check app permissions and you'll be fine. We're not talking about Windows-level malware here.

Edited by simplezz, Jul 6 2012, 1:49pm :

Not that the numbers aren't correct, and I definitely think Google should be more proactive, but I have a hard time listening to people using what amounts to scare tactics when they sell a solution.

Ryoken said,
Android.. the new Windows.

User intervention is required to install, right? Windows (XP and before) had tons of drive-by vulnerabilities - if Android was susceptible to that, I'm going back to my 3330.

Ryoken said,
Android.. the new Windows.

Sigh...! It can never be like that, Android apps are sandboxed, a simple uninstall of the malicious app and the device is clean again. Also I think using common sense is enough for people who only download stuff from Google Play... Trend Micro should be sued, a lot of the stuff they often write about, trying to scare people into installing anti-virus apps is so obviously not possible that anyone just as smart as a goldfish would be stupid enough to install... They're trying to scare people, the real malware is the anti-virus app itself, slowing down the device and draining the batttery!

ow7iee said,

Sigh...! It can never be like that, Android apps are sandboxed, a simple uninstall of the malicious app and the device is clean again.

That doesn't undo the damage that the malicious app has done... for instance, it doesn't unsend the spam emails your Android device sent to your boss and friends.

ow7iee said,

Sigh...! It can never be like that, Android apps are sandboxed, a simple uninstall of the malicious app and the device is clean again. Also I think using common sense is enough for people who only download stuff from Google Play... Trend Micro should be sued, a lot of the stuff they often write about, trying to scare people into installing anti-virus apps is so obviously not possible that anyone just as smart as a goldfish would be stupid enough to install... They're trying to scare people, the real malware is the anti-virus app itself, slowing down the device and draining the batttery!

Some of the malicious apps used known exploits to gain temporary root access and do nasty things to the phone as well. zergrush was used in at least one malicious app in the past and is a common rooting method use by those that intend to permanently do so.

P.S. - My phone is rooted.

ShMaunder said,

User intervention is required to install, right? Windows (XP and before) had tons of drive-by vulnerabilities - if Android was susceptible to that, I'm going back to my 3330.


erm, android already had at least several drive-by security exploits which either did not use user confirmation, showed you an 'incomplete' list of rights it needed, found exploits within their rights to access other rights etc..etc..
theres plenty of serious security breaches, that ALSO came from the marketplace/play.

ow7iee said,
They're trying to scare people, the real malware is the anti-virus app itself, slowing down the device and draining the batttery!

I disagree. I use Avast on Android 4. Take very little resource. Does the job.

Shadowzz said,

erm, android already had at least several drive-by security exploits which either did not use user confirmation, showed you an 'incomplete' list of rights it needed, found exploits within their rights to access other rights etc..etc..
theres plenty of serious security breaches, that ALSO came from the marketplace/play.

But does that mean I'm only affected by dodgy apps? What I mean by drive-by is for example, when I'm browsing a site and due to one or more exploits in the browser/OS, something can gain file system rights and downloads stuff to my device without my acknowledgement.

On the "App" side, much of it can be stopped if app developers were forced to include source code in their submissions which were publicly accessible. Though this would create a **** storm with companies and potentially independent developers.

ShMaunder said,

User intervention is required to install, right? Windows (XP and before) had tons of drive-by vulnerabilities - if Android was susceptible to that, I'm going back to my 3330.

If by tons you mean less than 5? Then yes, there were 2 high profile ones from Windows 2000 forward where a computer could be compromised without user intervention (assuming it had no firewall and assuming Auto Update was turned off). In both cases MS released a patch to fix a flaw they found, someone else looked at what the patch fixed and then wrote a virus to exploit unpatched computers.

I will say that the old style ActiveX user prompt was really dumb and led to a lot of infections. Yes, it required user intervention, but the prompt was unclear and many users pressed OK without understanding they were installing code on their computer. Honestly, that was the biggest issue with Windows systems.

i have always had the opinion that Google needs to be more Dictatorial on their marketplace, that is the main reason Apple has just now seen their first Trojan in the App Store Compared to the numbers in the Google Play Store.
*Edit - yes open is all good, but the world doesnt play nice, and will Exploit Anything it can to make a buck as quick as it can

Hell-In-A-Handbasket said,
yes open is all good, but the world doesnt play nice, and will Exploit Anything it can to make a buck as quick as it can

That's why I run Avast on my Android 4. I install it right away when I got my Nexus, it's not taking too many resources and it stop 2 infectations already. Thumbs up.