• Android Malware Has Increased 472% Since July

    // Gradly // blog, Infographic 1 Response

    In a report by the Juniper Global Threat Center has found that Android malware has increased by 472% since July of this year. They also pointed out that this October and November were the months that showed the fastest growth of mobile malware on Android ever.

    Android malware increases

    Juniper’s report includes 400% increase in Android malware from 2009 to the summer of 2010. In August, detected malware samples increased by 10%, then by 18% in September. October saw a 110% increase on top of the previous month, and November has so far seen a 111% increase. Check out the infographic below

    By comparing to Apple’s App Store, the open-ended nature of the latter, as well as the lack of any code-signing and checking process in Google’s Market are to be blamed.

    “These days, it seems all you need is a developer account, that is relatively easy to anonymize, pay $25 and you can post your applications,” wrote Juniper in its report. “With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include.”

    As mentioned by Appleinsider, an August report from McAfee found that Android had become the most-targeted platform for malware while iOS was untouched.

    In addition to an increase in the volume, the attackers continue to become more sophisticated in the malware they write. For instance, in the early spring, we began seeing Android malware that was capable of leveraging one of several platform vulnerabilities that allowed malware to gain root access on the device, in the background, and then install additional packages to the device to extend the functionality of the malware.

    In addition to this, 55% of threats are spyware-based attacks that send private data and take control of devices, while 44% are trojans that send text messages to services that charge the user.

    Is this a valid reason for users to opt for iOS devices. What do you think?

  • 800 out of 10,000 Android Apps Leak Private Information

    // Gradly // Android, blog, google, Mobile, News, Rants & Raves No Responses

    Android has had its fair share of malware problems. Whenever malware are detected, Google reacts swiftly and remove them. However, according to a report from Digitizor, security researcher Neil Daswani, around 8% of the apps on the Android market are leaking private user data.

    Neil Daswani, who is also the CTO of security firm Dasient, says that they have studied around 10,000 Android apps and have found that 800 of them are leaking private information of the user to an unauthorized server. Neil Daswani is scheduled to present the full findings at the Black Hat Conference in Las Vegas which starts on July 30th.

    This malware problem on Android has become too much. One of the main reason that we see malicious apps in the market is because of the lack of regulation in the apps that get into the Android Market.

    Sure, the lack of regulation can be good. It means that developers can make their apps without worrying if Google will accept their apps or not. It fits into the pre-existing application distribution model where anyone can develop and publish their own apps.

    I think that it is time that Google make approval of the apps a requirement before it gets into the Market. They do not need to do it like Apple, but a basic security check before an app gets on the market will be nice.

  • Google Will Help Protect Your Computer from Malware

    // Gradly // blog, google, Microsoft, Tech. No Responses

    Google has been able to detect a large number of computers infected with a specific piece of malware. If you go to Google and do a search (any word will do) right now, check to see whether you get a “Your computer appears to be infected” warning at the top of the search results. If you see the message, you need to clean up the infection from your machine.

    As we work to protect our users and their information, we sometimes discover unusual patterns of activity. Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.” As a result of this discovery, today some people will see a prominent notification at the top of their Google web search results:

    This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called “proxies.” We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections.

    You can run a system scan on your computer yourself by following the steps mentioned here. This is malware that’s specific to Windows.

  • New Trojan Targets the Mac

    // Gradly // Apple, blog, News, Rants & Raves No Responses

    Some security researchers have long complained that Apple won’t take security seriously because doing so conflict with the company’s marketing message that Mac buyers need not worry about being attacked. The discovery of a beta of a Mac-attacking Trojan once again shows Mac invulnerability to be a myth. And in an unrelated move, Apple has reached out to security researchers, showing that it may finally take security seriously.

    The security company Sophos says that it’s found the beta of a backdoor Trojan targeting the Mac that’s “a variant of “a well-known Remote Access Trojan (RAT) for Windows known as darkComet.”

    The author calls it the ‘BlackHole RAT,’ strongly implying that plans are to have it masquerade as the legitimate Black Hole security application designed to keep a Mac safe by purging private information such as clipboard data and recent file lists.

    Sophos is quick to point out that the Trojan is not yet finished. But the company clearly believes that attacks on the Mac are in the offing. It notes on its blog:

    It appears there is a new backdoor Trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple’s increasing market share.

    That Sophos researcher Chet Wisniewski has seen another Trojan called HellRTS already in circulation on file-sharing sites used to pirate Mac software.

    Apple hasn’t responded specifically to these new threats, but there’s a major, encouraging sign that it is taking Mac security very seriously, possibly because it now has a big enough market share that malware writers see it as a financially viable target.

    The Edible Apple blog reports that Apple is offering security experts free preview versions of OS X 10.7, called Lion, “so that they can take a look at Apple’s new security measures and presumably reach back to Apple with any thoughts, observations, and concerns they might have.”

    The site reports that Apple sent out the following note to security experts:

    “I wanted to let you know that I’ve requested that you be invited to the prerelease seed of Mac OS X Lion, and you should receive an invitation soon. As you have reported Mac OS X security issues in the past, I thought that you might be interested in taking a look at this. It contains several improvements in the area of security countermeasures.”

    Security researchers so far are pleased that Apple seems to be taking security more seriously than they have in the past. Edible Apple reports that MacBook hacker and security consultant Dino Dai Zov tweeted “This looks to be a step in the direction of opening up a bit and inviting more dialogue with external researchers.”

    And CNet quotes OS X hacker Charlie Miller saying in an email:

    “As far as I know they have never reached out to security researchers in this way. Also, we won’t have to pay for it like everybody else. It’s not hiring us to do pen-tests of it, but at least it’s not total isolation anymore, and at least security crosses their mind now.”

    That’s more than just faint praise, it appears that Apple may finally accept that security needs to trump marketing.

    [via: computerworld]