Security supplier F-Secure warns of a striking increase in malware pointing to Android devices. The analysis was exhibited in the company’s latest Mobile Threat Report release.
“In Q1 2011, 10 new families and variants were discovered. A year later, this number has nearly quadrupled with 37 new families and variants discovered in Q1 2012 alone,” F-Secure states.
F-Secure attributes the speedy growth not exclusively to the fame of Android devices and the operating systems open source architecture, but also to the growing figure of variants configured to evade antivirus protections by applying a larger number of signatures.
“A comparison between the number of malicious Android application package files (APKs) received in Q1 2011 and in Q1 2012 reveals a more staggering find — an increase from 139 to 3063 counts. This growth in number can be attributed to malware authors crafting their infected or trojanized applications to defeat anti-virus signature detection, distributing their malware in different application names, and trojanizing widely popular applications,” the report notes.
The analysis also shows malware programmers are implementing ever more advanced evasion and obfuscation formulas, including sophisticated cryptography and steganography – the concealing of data within an image.
Other advanced malware recently discovered include:
“The three malware (RootSmart.A, DroidKungFu.H, and Stiniter.A) mentioned above suggest that Android malware are focusing on utilizing the native component, and only downloading a root exploit when needed. Even then, the root exploit would be quickly deleted to prevent the malware from being profiled or detected as malicious by anti-virus products since the native component has yet to exist in their packages,” the report explains.
While the innovations involved in the most recently disclosed malicious code have developed, the report notes that the application payloads persist to function in much the same manner as former malware incarnations.
“Over the year, Android threats have continued to improve their techniques in evading detection and their methods of infection, yet, nothing much has changed in their operation in collecting profit. The majority of malware discovered in Android markets are SMS-sending malware that reap profit from sending messages to premium numbers.”