Android Malware Broadcasts Location

Thursday, July 19, 2012 @ 05:07 PM gHale


There is Android malware out there that regularly broadcasts the location of the infected mobile device to a remote server.

What the malware creators intend to do with the privacy-invading information is not clear, said researchers at Bitdefender. The app operates in the background and appears on the smartphone or tablet as an icon with the word “store” written on it.

RELATED STORIES
Android Trojan Hits China
No Android Botnet, Just a Simple Flaw
Google: No New Android Spam Botnets
Botnet Masters Busted

The store icon is an attempt to fool the device user into thinking that it is only an e-commerce app, Bitdefender researchers said. In actuality, the malware broadcasts latitude and longitude of the device, as well as the name of the wireless carrier. It also attempts to enable the device’s Wi-Fi connection. All the data transmits to the remote server via the device’s Internet connection.

“Speculating on why all this information is broadcasted, we could conclude that infected devices act as beacons, providing attackers with a relative positioning of certain Wi-Fi networks and the frequency to which infected devices connect or interact with them,” Bitdefender said in a blog post.

The lightweight spyware has no user interface and transmits location information every couple of seconds. Because the malware runs so effectively in the background, Bitdefender believes it will eventually be bundled with other apps.

Whether it’s spyware or another type of malicious app, the number of mobile malware is soaring. The rate of growth last year was 155 percent over 2010, according to Juniper Networks. During the first quarter of this year, the year-to-year increase was 30 percent, with spyware alone doubling. Right now the target of most mobile malware is Android, the leading smartphone operating system.

While the increase in mobile malware is high, the actual number of infected smartphones and tablets remains low compared to PC infections. “While we probably haven’t seen a widespread, malware epidemic in terms of the Android platform, there have been some that haven’t been detected,” said Christian Kane, analyst for Forrester Research.

As a result, companies are looking for technology to manage applications and corporate data on employees’ devices. The mobile security market was $674.8 million worldwide last year and should top $1 billion this year, according to IDC. By 2015, the market should reach $1.85 billion, a compound annual growth rate of more than 35 percent.

Symantec, hoping to grab a slice of the pie, unveiled its first enterprise-grade antivirus software for Android devices. Called Mobile Security for Android, the antivirus software checks suspicious apps against Symantec’s blacklist of known malware. When it finds a bad app, the software can notify the device user and a corporate security team through a mobile device management console.



Leave a Reply

You must be logged in to post a comment.