News Stay informed about the latest enterprise technology news and product updates.

McAfee sees continued rise in Android malware

Nearly all new mobile malware was directed at the Android platform in the second quarter of 2012, according to the latest McAfee threat report.

Mobile malware continued its steady rise in the second quarter of 2012, targeting mainly Android devices, according to the latest threat analysis provided by McAfee.

Mobile malware is certainly not proof-of-concept or early code.

McAfee Inc.

The growth of mobile malware in 2012 has been "unprecedented," McAfee said with more than 13,000 mobile malware samples collected and analyzed by the security giant compared to less than 2,000 in 2012. The "McAfee Threats Report Q2 2012," (.pdf) highlighted the emergence of drive-by downloads targeting Android users, a Trojan that corrupts photos on an Secure Digital (SD) memory card, and a new botnet client that uses an Android device and a Twitter client to communicate commands.     

"Mobile malware is certainly not proof-of-concept or early code," McAfee noted in its report. "It is fully functional and mature, and mobile malware writers know what they are looking for: consumer and business data."

The sharp increase in mobile malware documented by McAfee may be partially attributed to its focus on the Android platform. In January, it launched Android endpoint security software. Earlier this year, the company also joined other security vendors, launching a mobile app designed to protect Android devices. Security experts have been noting the increased threat to mobile devices as they become used for banking and other sensitive transactions. The threat is being taken seriously at enterprises. Many IT professionals indicated in a recent enterprise mobility survey that addressing the threats posed by mobile device use in the workplace is a rising priority.  

Still, mobile malware remains a tiny fraction of the malware collected by McAfee. The security vendor said its database contains more than 90 million samples and is on track to reach more than 100 million samples before the end of the year.

McAfee said it saw a slight increase in rootkits, with the Koutodoor Trojan showing "tremendous growth. Koutodoor,(.pdf) first detected in 2007, installs a rootkit, modifies registry values and attempts to remain undetected, giving the attacker administrator privileges to the victim's machine. The TDSS and ZeroAccess rootkits declined slightly, but continue to infect machines globally.

"Rootkits, or stealth malware, are one of the nastiest classifications of malware we see; they have a heavy influence on almost all other areas of malware," McAfee said. "They are designed to evade detection and 'live' on a system for a prolonged period."

Rogue antivirus, password stealing Trojans and ransomware also continues to be a problem.

Dig Deeper on Mobile security threats and prevention

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Android malware comes from non-Google app stores, or sideloaded APKs. and with respect to the malware that does manage to make it into the Play Store, F-Secure says "the Play Store is most likely to promptly remove nefarious applications, so malware encountered there tends to have a short shelf life
It seems to be the case when a vulnerability is made public, everyone them makes use of it. the malware writers who do this know most users do not put a lot of effort in protecting or backing up their systems. This make a lot of prime targets. It's nice they let us know of a system flaw but you also gave the hackers a new way in as well
And I’ll say it again - only run the code you trust. I’ve seen that problem for years on pretty much any mobile platform - users will download and install apps without giving security a second thought.
I agree mcorum. READ THE PERMISSIONS !!! Does an app really need access to my photos or address book ???  No ! Then I decline and move on to find one asking for less permission or none at all. When will people learn. They just want instant gratification to use the app or game and blindly click accept and think they are safe. If they only knew what they are opening themselves up to, they may think twice. The same goes for ELUA's. Read what clicking "I Agree" opens yourself upto...