Government memo warns that Android accounts for 79% of mobile malware

The U.S. Department of Homeland Security and the U.S. Department of Justice has released their findings on the security of mobile operating systems like Android, Symbian, iOS, Windows Mobile, and the rest. It probably shouldn't come as much surprise, but Android is in fact at the most risk for malware.

In 2012, Android accounted for 79 percent of all mobile malware; second place wasn't even close and it was Symbian with 19 percent, but market share for Symbian shrinks every day. Third place is Apple's iOS accounting for a mere 0.7 percent of malware. Windows Mobile and BlackBerry tie at 0.3 percent each, and all others collectively account for 0.7 percent. The difference between the two main players -- Android at 79 percent and iOS at 0.7 percent -- is dramatic.

The release says Android has been a "primary target" for attack, blaming its large global market share and openness; the study tested for SMS trojans, rootkits and counterfeit apps. The two government departments caution that government workers using Android must take appropriate security measures to stay malware-free, such as always having the latest software release.

Android malware isn't a new problem. It's been the target for malicious content mainly since it's claim to fame and there are now over 700,000 malicious Android apps and growing. Google's unwalled garden approach only adds fuel to the fire as well.

Source: The Next Web | Image via Public Intelligence

Report a problem with article
Previous Story

Google's Palestine webpage hacked for anti-Israeli purpose [Update]

Next Story

Rumor: Xbox One could launch in the US November 8th

35 Comments

Commenting is disabled on this article.

Really? Because I've never had any malware on my device. Unless you consider ads malware.
If you only download apps from verified sources, you have NOTHING to worry about. Same with Windows. Whatever OS has the biggest market, that is where malicious activity will be common.

Just because you live in a high crime area, don't mean you have to have an act of violence done to you specifically. All it takes is some precaution an use of common sense. IF YOU HAVE ANY!

ACTIONpack said,
That what happen when you have an open source OS.

No, that's what happens when you have enough marketshare and a viable attack vector.
The graph for desktop operating systems would look about the same (or probably even "worse" for the dominant platform), with Windows being obviously not open source.

ACTIONpack said,
That what happen when you have an open source OS.

Its not otherwise Linux on desktops would have exactly the same problem. Its what happens when an is gets popular and a user can install any app easily

ichi said,

No, that's what happens when you have enough marketshare

So why wasn't this a problem for Apple when they dominated the market?

ichi said,

No, that's what happens when you have enough marketshare and a viable attack vector.
The graph for desktop operating systems would look about the same (or probably even "worse" for the dominant platform), with Windows being obviously not open source.


I do doubt it with Windows Phone and Windows RT though.
Neither have been cracked so far, and RT only cause of Microsoft's allowed debugging tools.
Android is currently going through the same phase Microsoft went through with Windows 9x. Popular as pie flying of the shelves, haven't eaten any cheese about security, not caring much for it either. And bound for a full rewrite with security in mind.
Turn on all protected modes in Windows 8, keep your apps from the store only, and malware is going to have a tough time infecting the OS.
While on Android, it still happens that malware apps get into the Playstore, and that is the biggest issue.

ZipZapRap said,

So why wasn't this a problem for Apple when they dominated the market?


Its also related to the OS Architecture. As for windows 9x there was a lot of security issues. Windows NT family had better architecture thus less malware and viruses. It's the combination of Architectural faults and popularity determine the vulnerability. Android is kind of put together OS. Its Core linux has no problem though. but android itself is not as robust as Windows or iOS. to prove my point, take a look at source codes.

ZipZapRap said,

So why wasn't this a problem for Apple when they dominated the market?

Because you only quoted half of the sentence I wrote.

(Or maybe because malware coders share Ballmer's awesome tech visionary skills).

"That what happen when you have an open source OS."

No it isn't. The point is that Android is crummy software. iOS is far, far better internally. Google is now, never has been or ever will be a software company. They sell ads. And they make money selling malware. So why would they stop?

Major_Plonquer said,
They sell ads. And they make money selling malware. So why would they stop?

They sell ads..yes...but now they sell malware? Talk abut ill informed.

This makes me wonder what's left for the usual accusations of Windows being insecure while Linux being 'Oh so the Holy Grail of security'.

And OTOH, how much in this case could be explained by Google's approach to security in Android or for the Play Store, desktop/mobile OS differences, iOS's walled garden, how massive a platform is, or anything else...

Leaves me wondering... Seems complex to explain.

Doesn't matter what OS or kernel your using, if the users are gullible enough to click a malicious link (and/or grant admin privileges to malware) there's nothing to do.

Well Android holds 80+% of the market. Now lets make the same chart for Windows PC and Linux PC infection rates...

Moreover i have 450+ apps on my Note 2 and i have also 2 other Android devices and have 0 viruses.

DaveBG said,
Well Android holds 80+% of the market. Now lets make the same chart for Windows PC and Linux PC infection rates...

Moreover i have 450+ apps on my Note 2 and i have also 2 other Android devices and have 0 viruses.

this only proves why other platforms like mac has relatively few virus'. Security through obscurity.

DaveBG said,
Well Android holds 80+% of the market. Now lets make the same chart for Windows PC and Linux PC infection rates...

But that's the point: same as with Windows, given enough marketshare as soon as you allow users to install random apps downloaded from any web page you'll have hundreds of developers releasing malicious apps hopping that those users will take the bait.

Google's relatively "open" approach with the Play Store also has it's issues, but the bulk of the threat resides in other distribution channels.

Just check the article some weeks ago about an app that would allegedly work to spy on other people whatsapp's chats, which used social engineering (fake facebook and twitter comments) to convince victims to download and install the apk from the app's web.

That wasn't really widespread but the author made a load of money anyway.

DaveBG said,
Well Android holds 80+% of the market. Now lets make the same chart for Windows PC and Linux PC infection rates...

Moreover i have 450+ apps on my Note 2 and i have also 2 other Android devices and have 0 viruses.


Although iOS was the clear leader for quite a while, wasn't it? I think that market share plus a more open ecosystem figures in.

Just like for Windows and OSX, openess is just a risk for most users. If you're here on Neowin, you're not "most users." Most users are practically computer illiterate, and really benefit from walled gardens... If it was up to me, Android would be for power users only. Yet csnvet yr most out of it, and don't nlmake for good targets.

yeah. being Linux based.. it's free. they undercut the cost of the competition.. and then you have a bunch of morons unlocking the damn things opening the machine to all sorts of infections.

Well 80% of mobile malware is Android.
~80% of mobile marketshare, is Android.

So every individual user that has malware has rooted their phone, went to 3rd party sites/services to load the apps?

After the multiple reports of thousands of malware apps that have _been_ in the Playstore.....

People are a bunch of boneheads. Stop claiming that Android is perfectly save if you don't root it and only use the Playstore, cause it frigging IS NOT.
Get that head out of Google's arse and change your attitude, if you keep up the "Android is fine if you X or X" is ridiculous and the same thing we had in the 90s when pretty much every Windows user got infected cause of this head-in-arse approach from 'techies'.

Shadowzz said,
Well 80% of mobile malware is Android.
~80% of mobile marketshare, is Android.

So every individual user that has malware has rooted their phone, went to 3rd party sites/services to load the apps?

After the multiple reports of thousands of malware apps that have _been_ in the Playstore.....

People are a bunch of boneheads. Stop claiming that Android is perfectly save if you don't root it and only use the Playstore, cause it frigging IS NOT.
Get that head out of Google's arse and change your attitude, if you keep up the "Android is fine if you X or X" is ridiculous and the same thing we had in the 90s when pretty much every Windows user got infected cause of this head-in-arse approach from 'techies'.

Couldn't have said it any better. Excellent post.

That's true about the OS get popular and virus/malware start creeping in, however, if Microsoft not doing anything like Google does, then those virus don't get thru. Fortunately, Microsoft improved the explorer and daily patches to get 1 step ahead.

ichi said,

But that's the point: same as with Windows, given enough marketshare as soon as you allow users to install random apps downloaded from any web page you'll have hundreds of developers releasing malicious apps hopping that those users will take the bait.

Google's relatively "open" approach with the Play Store also has it's issues, but the bulk of the threat resides in other distribution channels.

Just check the article some weeks ago about an app that would allegedly work to spy on other people whatsapp's chats, which used social engineering (fake facebook and twitter comments) to convince victims to download and install the apk from the app's web.

That wasn't really widespread but the author made a load of money anyway.

" i have 450+ apps on my Note 2 and i have also 2 other Android devices and have 0 viruses. "

How could you possibly know? On Android even the antivirus checkers have viruses.

Shadowzz said,
Well 80% of mobile malware is Android.
~80% of mobile marketshare, is Android.

So every individual user that has malware has rooted their phone, went to 3rd party sites/services to load the apps?

After the multiple reports of thousands of malware apps that have _been_ in the Playstore.....

People are a bunch of boneheads. Stop claiming that Android is perfectly save if you don't root it and only use the Playstore, cause it frigging IS NOT.
Get that head out of Google's arse and change your attitude, if you keep up the "Android is fine if you X or X" is ridiculous and the same thing we had in the 90s when pretty much every Windows user got infected cause of this head-in-arse approach from 'techies'.


You are speaking for head-in-arse approaches and you want me to dump the open platform and use the limited and heavily controlled iOS or WP? Are you for real?
Just because Android has many users, some of which are dumb idiots does not mean that we should not use Android. And YES may friend i am rooted and i download apps from forums and links all over the WEB and you know what? I have installed a few security apps too to monitor what\when\which app is doing. So just because even the non root user that uses play store can get infected DOES NOT mean that the platform is bad.