Over the past couple of years, the Android platform has amassed a lot of popularity, and most of the best smartphones in the world are running on it. However, since its growth in popularity, the platform has also been notorious for attracting malware. A recent study by Kaspersky Labs has found that the most popular targets for cyber criminals were Android devices running version 2.3.6, commonly referred to as Gingerbread, and Android 4.0.4 Ice Cream Sandwich.
According to the report, Analysis of mobile malware for Android OS by Kaspersky Lab experts in Q3 2012 revealed that the most popular targets among cyber criminals were the aforementioned Android versions.
Gingerbread and ICS most vulnerable to malware
The report stated that the rapid growth in the number of new mobile malicious programs for Android continued in the third quarter, prompting the specialists at Kaspersky Lab to identify the platform versions most frequently targeted by cyber criminals. Android 2.3.6 Gingerbread accounted for 28 percent of all blocked attempts to install malware, while the second most commonly attacked version was the new 4.0.4 Ice Cream Sandwich, which accounted for 22 percent of attempts.
“Although Gingerbread was released back in September 2011, due to the segmentation of the Android device market it still remains one of the most popular versions, which, in turn, attracts increased interest from cybercriminals,” commented Yuri Namestnikov, Senior Malware Analyst at Kaspersky Lab. “The popularity of the most recent version of the Android OS – Ice Cream Sandwich – among virus writers can be explained by the fact that the devices running the latest versions of the OS are more suitable for online activities. Unfortunately, users actively surfing the web often end up on malicious sites.”
The research note states that more than one half of all malware detected on user smartphones turned out to be SMS Trojans, i.e., malicious programs that steal money from victims’ mobile accounts by sending SMS messages to premium rate numbers.
The OpFake family has become the most widespread (38.3 percent of all the malicious programs detected for Android) among all the mobile malware families. All the programs in this family disguise themselves as OperaMini. A fifth of the malicious programs detected (20 percent) on user devices are versatile Trojans, most of which belong to the Plangton family. After being installed on a device, these Trojans collect service data on the mobile phone, send it to the command server, and wait for the cyber criminals’ commands. Specifically, malicious programs in this family can stealthily change bookmarks and the home page. Third place in the ranking was taken by the FakeInst family, whose members pretend to be installers for popular programs (17 percent). These two types of malware are mostly distributed via so-called alternative app stores created by cyber criminals.
With the popularity of the Android, the number of hackers and malware targeting it has grown too. However, a majority of threats for Android originate from a single malware family, Android.FakeInstaller.