Android infections dominate mobile devices

Android devices have now beat out Window devices with the most infections.  Interesting that Apples iOS devices don’t even show up.  This confirms what I have been saying about the excellent security on iOS devices.

Trojan that steals usernames, passwords and credit card information and uploads the information to a remote command & control server

mobile infections1

In mobile networks we found that 0.52% of devices were infected with high threat level malware. This is slightly up from the 0.50% we reported last quarter. The vast majority of infected devices are either Android phones or Windows laptops tethered to a phone on connected directly through a mobile USB stick or MIFI hub. The infection rate among Android devices is actually over 1.0%.

There has been a sharp increase in infections in the last quarter even tho Android has introduced new security features. Kindsight Security Labs reports that there are still major failures in the new security features.

mobile infections2

The Android security model has been known to be weak for some time, but research has turned up additional weaknesses in the handling of application signatures . All Android application must be signed cryptographically. Normally this would allow you to verify the identity of the application’s author and verify that the application has not been tampered with. Unfortunately on Android there are serious problems with this:

As part of our demonstration at the Black Hat 2013 conference, we will show how to take a popular Android game, inject a SpyPhone service into it and then sign it for distribution . The victim has
no way of knowing that the app has been tampered with and can only assume that they have a legitimate copy of the game .

You can read the full PDF report at:

​Kindsight Security Labs Malware Quarterly Report​

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s