Android Market Serves Up Malware
According to a study by the Juniper Global Threat Center, malware samples have increased by a staggering 427 percent since July, 2011. The increase follows a 400 percent increase between 2009 and mid-2010.
Juniper identified the loose requirements of developers to add applications to the official Android Market where there is no review of the application and no verification of the description provided by the developer.
As the numbers are increasing, the type of malware is evolving too. In May of 2011, The Juniper Global Threat Center identified a new type of malware which allowed an attacker to gain root access to the device and install malicious programs and steal user data. According to this report:
"...The most advanced Android malware to hit the streets has been uncovered inside the Android Market. Analysis indicates that several techniques for accessing data, opening back doors, installing unauthorized code and rooting an Android device have all been put together to make up the most capable and advanced Trojan to affect the Android platform to date..."
Now, virtually all malware samples (about 90% of those tested) contain this payload.
About 55 percent of malware is considered 'spyware' because targets personal information. Another 44 percent of the malicious programs are considered SMS Trojans. These are programs that send text messages to premium-pay numbers which charge the user per message. These charges are unknown to the user until the bill arrives and are usually not recoverable.