Android Market Lousy With Malware, Says Juniper (NewsFactor)

As the number of applications available in Google’s Android Market has soared, users are paying a price: More and more malware.

That’s the claim of information technology and network products giant Juniper Networks, whose Global Threat Center believes the easy process for posting apps has led to a whopping 472 percent increase in malware samples since July 2011.


All Too Easy

“These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications,” wrote Juniper on its threat center blog, noting that the lack of upfront review leaves the world’s largest smartphone community browsing through poorly defined, unscreened apps that will only be removed after the fact if malware is reported or detected by Google.

“This approach has led to major increases in research into and discovery of vulnerabilities within the Android platform as the delivery mechanisms of mobile malware,” said Juniper, which published its Malicious Mobile Threats Report for 2010 and 2011 in July. That report, showing a 400 percent increase in Android malware, looked at increasingly sophisticated attacks, including “Myournet/Droid Dream, Tap Snake and Geinimi as well as the pirating of the ‘Walk and Text’ application, new threat vectors for mobile cybercrime, and the potential for exploitation and misuse of mobile devices and data.”

The report puts something of a damper on Google’s boast at the launch of Google Music in Los Angeles Wednesday that more than 200 million Android-based phones have been activated, with more than half of that growth in the past six months, as companies like Samsung, HTC, LG and Motorola trot out increasingly powerful devices via all four top carriers, as well as smaller ones like MetroPCS and Virgin Mobile.

Google’s press office did not respond to our inquiry via email for a comment about the report in time for publication.


All The Rage

Last March, both comScore and Nielsen reported that Android had surpassed Research In Motion’s BlackBerry and Apple’s iOS to become the most popular operating system in the U.S.

ABI Research reported last month that 44 percent of all mobile application downloads in the second quarter were Android, compared with Apple’s 31 percent.

Analyst Alex Spektor of Strategy Analytics said the open-source Android was not fundamentally less secure than its competitors.

“Desktop variants of Linux are typically quite secure and suffer from much less malware trouble than does Microsoft Windows,” said Spektor. “Rather, the amount of malware in the Android Market is a result of the open nature of the store itself. Unlike Apple, whose App Store staff review each submission, Google does not pre-screen apps.”

But he added, “Of course, bad apps can be always removed after being discovered.”

So who’s responsible for the malware?

“The Global Threat Center believes it’s the same actors who originally wrote malicious code for the legacy platforms of Symbian and older versions of Windows Mobile,” Juniper wrote. “They shifted to Android given its gains in significant market share when compared with these legacy platforms.”

Article source: http://us.rd.yahoo.com/dailynews/rss/security/*http://news.yahoo.com/s/nf/20111117/bs_nf/81055

View full post on National Cyber Security