Android a Platform of Choice for Trojans

Monday, August 20, 2012 @ 05:08 PM gHale

Android is under attack, there is no doubt about it, but how severe the attack is remains open to debate.

On one hand you have Kaspersky Labs saying the number of Android Trojans tripled in the second quarter of the year and now stands at 15,000.

Android Malware Keeps Rising
Framework Shows Android Security Holes
APT Targets Android
Apps Access Data Without Permission

On the other hand, F-Secure has seen only a moderate increase of 40 new Android malware. The difference appears easy to explain.

Kaspersky’s numbers relies upon unique samples. That means when a new bug appears, a hash value generates for the program. If this digital fingerprint is not in the company’s database, then it accounts for a new unique sample. In practice though, a new unique sample could generate by replacing an “A” with an “a” in the code, making a new hash value even though the malicious program remains the same. So, in the second quarter of 2012, 14,923 Android Trojans landed in the Kaspersky Malware Statistics.

F-Secure has, for some time, chosen a more sophisticated approach to how it analyzes the pests for its statistics, such as those it presents in its quarterly Mobile Threat Report. It bases its numbers for malware distribution on malware families or variants and therefore provides a much better measurement of the real threat compared to the inflated unique samples values.

F-Secure discovered in the April to June period, 40 new families or variants of existing families of malware emerged.

While the numbers may be different, both AV vendors agree on one thing: Android is the preferred mobile platform for attackers.

Leave a Reply

You must be logged in to post a comment.