Android takes first place in reported malware for Q1 of 2014

Google’s Android OS is nothing short of a major success for the company. Having taken a huge slice of the marketshare pie, Android is the dominant OS on the market. And when you are the largest player in any segment, you become the target for those with devious intent.

In Q1 of 2014, Android was found to be the host for 275 out of 277 new families of malware with Symbian and iOS also having new forms of malware discovered too.

The majority of the new malware is used to silently send premium SMS messages that, as the name implies, charges the sender for each instance of the text message sent. According to the report by F-secure, 88% of the malware was profit driven and 19% of the malware linked the phone into a botnet.

Android was not the only platform targeted with iOS and Symbian also having new reports of malware. Although far less at one per platform, new instances were found. For the iPhone, on a jailbroken device, a framework for app development contained a suspicious library that hijacked various advertising modules in installed apps; the trojan on Symbian sent text messages.

It’s important to keep in mind that using a bit of logic, you can keep your phone free of malware. By not side-loading applications on Android or jailbreaking your iPhone, you can reduce your chances of being infected by malware. While some nefarious apps have found their ways into official company stores in the past, they are typically caught quickly and pulled from the store.

Windows Phone and Blackberry were not reported to have any attacks during this same time period but both of those platforms are much smaller in size compared to Android and iOS.

For the average user, there is likely not much to worry about on any platform as the infection rate is mostly targeted outside of official stores. But, if you do find yourself side-loading applications on a frequent basis, it’s best to do a bit of research as outside the confines for Google and Apple, the market is a more dangerous place .

Source: F-Secure (PDF)

Report a problem with article
Previous Story

Microsoft buys XboxAb.com and XboxAb.net domain names

Next Story

Hulu to offer ad-supported shows on mobile devices for free

41 Comments

Commenting is disabled on this article.

I run a custom rom with f-droid store (f-droid.org go and check it out FOSS people) and the store itself had to be sideloaded and to install apps from it you have to allow sideloading. AFAIK isn't a lot of the malware being sent through the google play store itself.

zikalify said,
I run a custom rom with f-droid store (f-droid.org go and check it out FOSS people) and the store itself had to be sideloaded and to install apps from it you have to allow sideloading. AFAIK isn't a lot of the malware being sent through the google play store itself.

O.1% of apps on Google play were found to be malware.

Yes I read it after. I also read that most is coming from sketchy third party app stores. Because I can see all the source code of apps in F-droid and have submitted my own app to there still trust it. :)

For anyone interested in better security and control with Android, there's something called "Xprivacy". It's a bit a process installing everything, but once done you get complete control over every facet of every app and if you're lazy, you can rely on peer submitted settings for popular apps. Of course this kind of FREEDOM is probably frowned upon by Neowinners!

so i read somewhere that android apps mine bitcoins, my phone only connects to my router when its not locked and when i leave my apartment, the phone cant connect to the router, because its too far, does anyone know if apps accomulate those bitcoin minings and when once connected, they send them again?

I have an iPhone 5s, a Nexus 4, and a Blackberry Q5. Recently I used a Lumina 1020 for 20 minutes, and I got to tell you, it blows everything I currently have away. The OS was very smooth and feels very polished.

If I didn't already have too many devices, I would get one. When one dies, a Windows Phone will be my next purchase. Heck, I might get one if the right deal presents itself and just store it in the event one does die.

My ecosystem is setup perfectly for my needs and I don't want to disrupt it, but I must say I was impressed.

Basically, I have nothing of value to add to the discussion except my perceptions.. so as you were :)

/ijustfeltliketypingiguess

Yep, I love my android phone. Love video chatting, finding out where my family are, sending them photos and music tracks directly phone to phone......well, I would if not everyone had iphones!!!! lol, forever alone

I'm glad that you mentioned that most of the malware comes from outside of the Play store.

I think F-Secure's data says it best:


Let's be clear. From a statistical viewpoint researcher and security specialist F-Secure got them right. Android does account for 97% of all mobile malware, but it comes from small, unregulated third party app stores predominantly in the Middle East and Asia. By contrast the percentage of apps carrying malware on Google's official Play Store was found to be just 0.1% and F-Secure acknowledges rigorous checks mean “malware encountered there tends to have a short shelf life.”

http://www.forbes.com/sites/go...the-easy-way-you-stay-safe/

I've said it before, and I'll say it again, the only real way to prevent malware, and this includes Linux for those who think I'm biased, is to make the preferred software source a peer reviewed respository or a curated app store. Once you stray from those sources, you're on your own. That being said, many people can happily sideload when they know what they're doing and where they get their APK's from.

simplezz said,
I'm glad that you mentioned that most of the malware comes from outside of the Play store.

Yup, good article from the OP.

Keep in mind, Windows still retains well over 90% market share in the PC/laptop market. Far more market share than Android has in Mobile. Yet we seldom hear of major malware in Windows any more. Truth is the software is now pretty good.

Android is poorly designed and functionally flawed. It attracts malware simply because it's so easy to hack.

adrynalyne said,
Reminds me of Windows vs. OSX and GNU/Linux.

The market share leader always gets targeted the most.

You are correct; however, there is also a security model difference. For example, it is impossible for malware or Apps to access or secretly send SMS on a WP device.

Mobius Enigma said,

You are correct; however, there is also a security model difference. For example, it is impossible for malware or Apps to access or secretly send SMS on a WP device.


The reason why I trust to do my banking on my 920 as my bank uses text messages for confirmation codes :)
I did wait almost a year after release of WP8 to see if there would be any security issues concerning banking on the phone... There was none at all....

AmazingRando said,
Are you talking about Windows or Windows Phone?

Same question. Windows still gets infected more than a 2 dollar hooker. And I am talking about Windows 8 as well. Ransomware anyone?

Major_Plonquer said,
Keep in mind, Windows still retains well over 90% market share in the PC/laptop market. Far more market share than Android has in Mobile.

Only if you ignore the size of the market. Smartphones and tablets sell more than three times the number of devices that traditional PC/Laptops do. Then there's ChromeOS, which makes up a good proportion of laptop sales.

And don't forget, while the desktop/laptop market is shrinking, the mobile one is growing.

Major_Plonquer said,

Yet we seldom hear of major malware in Windows any more.

That's because it's so commonplace it doesn't even get a mention. There's a reason every copy of Windows 8 comes with a built-in antivirus. Hundreds of millions of Windows PC's are infected with malware, viruses, and rookits at anyone time. There's simply too many threats to count.

Major_Plonquer said,

Truth is the software is now pretty good.

Ignorance is bliss as they say. There's a just revealed IE vulnerability that's been exploited for at least a year. So while you've had your fingers in your ears, someone could of been hacking your machine. But don't listen to me, unlike everyone else, you're magically immune to all Windows nasties right?

Major_Plonquer said,

Android is poorly designed and functionally flawed. It attracts malware simply because it's so easy to hack.

LOL. If you had any idea how malware gets on a system, you'd be questioning the software sources, not the design of Android or even Windows.

Edited by simplezz, Apr 30 2014, 11:17pm :

techbeck said,

Same question. Windows still gets infected more than a 2 dollar hooker. And I am talking about Windows 8 as well. Ransomware anyone?

Yeah, that's not fair. Social engineering works on all platforms, and you don't need a security vulnerability to be susceptible to ransomware; that class of attack can work on any platform if you trick the user to run it. There is no vulnerability in Windows that allows that to work, it's just somewhat surprising it took this long for someone to try it TBH.

The rest of your argument I would heavily dispute, because quite frankly, it's rubbish.

Rubbish? About Windows 8 still getting a lot of malware? You do realize you can install desktop apps on Windows 8, right? And that Windows has a huge malware problem, right? I see it on Win8 all the time. Granted, less than Win7, Vista, and XP...but it is still a major issue.

Shadowzz said,
I rarely see malware on Windows 8, go instruct your users with some simple instructions or set up their system properly.

You are probably not the average user and know how to avoid it. If only it was as easy as you say, there would be no malware infections anymore.

Back in the real world, it doesn't work that way for the average user and you know that.

techbeck said,
Rubbish? About Windows 8 still getting a lot of malware? You do realize you can install desktop apps on Windows 8, right? And that Windows has a huge malware problem, right? I see it on Win8 all the time. Granted, less than Win7, Vista, and XP...but it is still a major issue.

I can't believe people are arguing that windows is not getting hit with major malware problems still. Some people here are really not in touch with reality. All they see is that they aren't infected and therefore it must be that way everywhere else.

Ideas Man said,

Yeah, that's not fair. Social engineering works on all platforms, and you don't need a security vulnerability to be susceptible to ransomware; that class of attack can work on any platform if you trick the user to run it. There is no vulnerability in Windows that allows that to work, it's just somewhat surprising it took this long for someone to try it TBH.

The rest of your argument I would heavily dispute, because quite frankly, it's rubbish.

That is completely fair. You don't think that non-Windows users are less susceptible to social engineering, do you? Yet look at the raw infection numbers. Very little infections on other platforms.

Ideas Man said,

Yeah, that's not fair. Social engineering works on all platforms, and you don't need a security vulnerability to be susceptible to ransomware; that class of attack can work on any platform if you trick the user to run it.

How something runs, where, and what format it's in does have an effect on how easy it is to infect a system. It's very hard for instance to make any guarantees about a GNU/Linux distro. Linux is a very heterogeneous environment, quite the opposite to the homogeneous Windows.

It's still possible, but more difficult, and certainly difficult to do on a large scale like what's done on Windows.

Ideas Man said,

There is no vulnerability in Windows that allows that to work, it's just somewhat surprising it took this long for someone to try it TBH.

In Windows it's commonplace to run random executables from varied sources, therefore it's unlikely to set off alarm bells for a user. I'd call that a vulnerability, perhaps not in the traditional sense, but certainly in terms of user attitude and expectation.

An average GNU/Linux user should be getting all their software from repositories, so suddenly being told to run a file from an unusual source would seem very out of place. And I'd hope they'd question the legitimacy of it.

adrynalyne said,

I can't believe people are arguing that windows is not getting hit with major malware problems still. Some people here are really not in touch with reality. All they see is that they aren't infected and therefore it must be that way everywhere else.

Exactly. Many people on here pretend that there aren't hundreds of millions of Windows PC's infected with malware, viruses, rootkits etc.

They even think they're safe because Windows Defender says so. It's scary. I've seen so many systems infected despite an antivirus being installed, including Windows Defender. Some rootkits and malware are so sophisticated these days that they can go undetected for years, and are almost impossible to removed without a complete reformat.

adrynalyne said,

You are probably not the average user and know how to avoid it. If only it was as easy as you say, there would be no malware infections anymore.

Back in the real world, it doesn't work that way for the average user and you know that.


I setup computers for plenty of average joe's. And Windows 7 and much more so 8, are the only Windows' I don't have to return on a bi-monthly basis to clean up their systems.

With Windows 8 it gets even better, install Office and other doodlies they use (a lot of average Joe's dont play games besides webgames on their computers) and revoke their installation privileges and tell them if they want something to go to the Windows store.
And no need for bloat ware like pointless AV and such. Just keep defender+firewall and give them EMET.
Most people can follow simple instructions, for some I wrote it down on a post-it what to do when they come across social engineering malware.
In fairness, some did contact me recently due to them wanting to do their taxes. And here in NL you download and install a program to do so >.>

Barely see people complain nowadays that their PC gets slow or whatever.

So what, you revoke admin rights to those who have personal systems? And you do realize that just because you don't see it, doesn't mean others don't.

Shadowzz said,

With Windows 8 it gets even better, install Office and other doodlies they use (a lot of average Joe's dont play games besides webgames on their computers) and revoke their installation privileges and tell them if they want something to go to the Windows store.

So basically you lock down their system so they can't do anything.

Shadowzz said,

And no need for bloat ware like pointless AV and such. Just keep defender+firewall and give them EMET.

Windows Defender + Windows Firewall is bloatware. It slows down every system I've seen. And most of the time it doesn't work either.

Shadowzz said,

Most people can follow simple instructions, for some I wrote it down on a post-it what to do when they come across social engineering malware.
In fairness, some did contact me recently due to them wanting to do their taxes. And here in NL you download and install a program to do so >.>

Well that's a great way to extort money out of people. Lock down their system, and when they need to do something, you'll charge them for the privilege.

Shadowzz said,

Barely see people complain nowadays that their PC gets slow or whatever.

Windows 8 is slow on a default install. I've seen a high end, brand new laptop slowed to a crawl because of indexing, preloading, and all the other nonsense that Windows does in the background. Unless you strip the services down, disable all the prefetching / preloading, indexing, protection points, etc, it becomes a brick.

If I show them Linux they're often amazed how quickly it boots and runs compared to Windows. Not only that, but they can do their banking, and other personal stuff without worrying about malware, viruses, rootkits, browser hijacking, etc. And I don't need to lock down the system to achieve all of that.

Edited by simplezz, May 1 2014, 4:06pm :

techbeck said,
So what, you revoke admin rights to those who have personal systems? And you do realize that just because you don't see it, doesn't mean others don't.

Yeah cause there's no admin account....
No just not let the user they work under not have any installation rights. Because they never really need to install anything. Well besides toolbars ofc.
simplezz said,

So basically you lock down their system so they can't do anything.


Windows Defender + Windows Firewall is bloatware. It slows down every system I've seen. And most of the time it doesn't work either.


Lol. On random occurrences I have seen Windows Defender having some load, but every AV has that. Most are worse. WD is not any worse then the rest on resource load. Not sure what virus infested machine you've seen it on.


Well that's a great way to extort money out of people. Lock down their system, and when they need to do something, you'll charge them for the privilege.

I don't charge anything mostly and sometimes just a little.
Also they still have the administrator account. It's not like they can't do anything. Just their own user account has no installation privileges. Don't see whats wrong with that, neither do they. And if they want to have those privileges, they can have them. It's just my suggestion and some take up on it. Cause they're sick of the last 15 years having to find a person every year to clean their computer up.

Windows 8 is slow on a default install. I've seen a high end, brand new laptop slowed to a crawl because of indexing, preloading, and all the other nonsense that Windows does in the background. Unless you strip the services down, disable all the prefetching / preloading, indexing, protection points, etc, it becomes a brick.

Yet I've seen little asus atom 1gb laptops run Windows 8 and browse webpages as smooth as a babies bottom.
You're disabling everything in Windows 8 that actually improves it speed. You don't want it to optimize itself with idle resources (99% of the time windows does any optimizing its with idle resources, go look up what prefetch, indexing and such)
And protection points as you say (its called Restore) is disabled by default, the only OS that had it enabled by default was ME.

If I show them Linux they're often amazed how quickly it boots and runs compared to Windows. Not only that, but they can do their banking, and other personal stuff without worrying about malware, viruses, rootkits, browser hijacking, etc. And I don't need to lock down the system to achieve all of that.

What bareboned linux do you run, cause Ubuntu is just as heavy as Windows 7.
And its the most consumer friendly distro out there (or others based on it) and its locked down pretty similar to Windows and how I do it, besides skipping UAC and actually requiring the administrator password..
Or Ubuntu does not use SUDO with, usually a password requirement?

As usual Simplezz, you truly show your in-depth knowledge and unbiased opinion.