Mobile Malware Increases Chances of Infection in Android

Mobile malware is rising, and there have been explosions in the world of viruses and Trojans. Virus makers are now targeting mobile platforms- thanks to their growing popularity. If we take the statistics from last 6 months, the chances of Android smart phones to be infected have doubled.

abdroid malware

Lookout Security, the company that develops security solutions for Android phones, reported that the probability of Android phones catching a virus (or any other malware) has risen by 2 ½ times since January 2011.

About 1%-5% Android users have had infected phones by June, and these are just the reported numbers. The actual cases are much more, where users don’t know that their phones are infected with malware.

Kevin Mahaffey, the CTO and co-founder of San Francisco branch of Lookout, disclosed some startling statistics: there were 80 different types of Android malware in January 2011, and the numbers rose to 400 in June. The numbers have risen again in July and August, but the stats have not yet been disclosed. This is a threatening situation for Android users, who are quickly switching to newer and better security mechanisms to keep their phones and tablets safe from the rising risk of virus problems.

These stats have been received by Mobile Threat Network, after analyzing the applications that were acquired from independent and official markets, along with the malware detection outcome from security software. Many apps were not secure, making the phone vulnerable to virus attacks.

The infamous Android malware trouble rose to public eyes this March, when Google pulled over 50 applications from the Android market. These apps were infected with DroidDream, a strong malware. The company continued pulling apps from the market in small clusters from Google’s official website for downloading, along with some third party markets, especially in China.


The biggest malware threat to Android users is probably the rogue application model. In this model, attackers pirate a legit program and add some malicious code to it. Then they release it into the market. This repackaging of legit apps poses a lot of danger, and has proved to be an effective and strong malware agent.

But rogue app isn’t the only threat. Malware makers are innovative, and they keep coming up with newer and ‘better’ techniques to ruin people’s Android phones and tabs. Another technique that is popular among Android malware makers is the upgrade attack. This attack is used to cover the infected app. Usually when an app is found infected, it is pulled from the Android marketplace. To make sure their app stays in the market, attackers use the upgrade attack.

They give a clean app in the beginning. And then they offer an upgrade, which is infected with virus. And since most people have automatic updates on, within some time, every device that has the app becomes infected.

Mahaffey observed that hackers use different techniques to make their malware spread out widely. Mobile malware is still on its experimental stage. It should be curbed before it becomes a big problem.

{module user9-footer}

  • Linuxrich

    Mahaffey observed that hackers Hackers. Really? I didn’t expect that lazy use of the term here.

  • C. Whitman

    By what I’ve seen the malware for Android is predominantly (indeed almost exclusively) made up of Trojan infections. Characterizing it as Viruses gives a misimpression. It makes the operating system sound less secure than it actually is. Trojans have to be installed by the user. Viruses wouldn’t have to be.

    The scary thing about what has actually happened is that there were a number of Trojan apps in Google Marketplace. In a company maintained application store users are supposed to have some modicum of safety.

  • johnH

    I thought Android was a Linux based OS and had the security of Linux? My Linux computer needs a password to install applications, does Android require a password to add applications?

  • GreyGeek

    I find reports about Android infections and infection rates coming from folks who are trying to sell AV products to be very suspicious.

    They have reported hundreds of viruses for Linux, but when you check their origins you find that 99+% were found on "2 or fewer" PCs and the risks were "low or negligable". Sort of like Gold mine salesmen salting the mine with shotguns shooting Gold dust into rocks.

    1-2% is well below any margin of error for the anecdotal measurements used, thus meaningless.