A new report from Juniper Networks underscores the downside of the Android Market’s hands-off approach to approving apps. In its annual Mobile Threats Report, it reported a record number of mobile malware attacks, especially to the Android platform. While there was a 155% rise in mobile malware across all mobile operating systems last year, attacks targeting Android jumped 3,325% in just the last seven months of 2011.
The rise of Android as the dominant mobile operating system has made it an inviting target for scammers.
The Google mobile platform now runs on just over half the world’s smartphones, according to data released today by Gartner. Android Market, which offers more than 300,000 apps, suffered a series of much-publicized malware attacks last year, leading Google in some instances to disable infected apps remotely.
When it comes to Apple’s iOS system, Juniper said its research remains limited because of the closed nature of the platform. But it noted that security researchers were successful in getting an unapproved app into the App Store last year. Apple is generally known for having a much more rigorous vetting process for apps than Google.
But the company ran into trouble this week when it became clear the App Store has permitted apps such as Path that transmit a user's full address book to remote servers for later reference without permission. Apple on Wednesday said grabbing contact data without user consent violates its app guidelines, and as a result it will require apps seeking such data get explicit permission beforehand in future releases. The same policy applies to apps using location information.
The Juniper study found that spyware made up the majority (63%) of mobile malware in 2011, followed by SMS Trojans (36%), which send text messages to premium rate numbers owned by the attacker in the background of a legitimate app without the mobile user’s knowledge.
A new attack method dubbed "Fake Installers," which trick victims into unknowingly paying for pirated versions of popular free apps, was the fastest-growing type of malware in 2011.
Overall, the report found malware is getting smarter as cyber criminals find new ways to exploit vulnerabilities and consumer behavior across all mobile platforms and devices. And as more people download more apps than ever before, the opportunity for hackers to pilfer data or money continues to grow.