From Cupcake to Jelly Bean, the last five years have brought many different flavors of smart phones to Android users. People can’t seem to get enough of these delicious digital treats, grossing over 500 million active Android devices worldwide and expecting to reach one billion at some point in 2013.
With its increasing popularity, it’s no surprise that the Android OS is the most attractive target for writers of mobile malware. From April to June 2012, McAfee Labs found that practically all new mobile malware was directed at the Android platform. The attacks included SMS-sending malware, mobile botnets, spyware and destructive Trojans.
Mobile threats continue to evolve as writers of mobile malware become more advanced in their practice. They are looking to steal consumer and business data from unprotected devices ranging from customer lists to personal financial information. These threats are growing in their sophistication and continue to find vulnerabilities through users’ pictures and social media applications.
In the last few months McAfee Labs has uncovered the latest emerging threats that Android users should be watchful for:
“Drive by downloads:” From April to June 2012 there was an emergence of mobile Android “drive by downloads.” These mobile drive by downloads drop dangerous malware on your phone when a user visit a malicious site. Once the user tricked into running the app it steals the personal data stored on your phone.
Twikabot.A: A new botnet client, Android/Twikabot.A, uses Twitter as a means of controlling and executing attacks. The user unexpectedly downloads the malware onto their phone after clicking on a Twitter picture link or message. Once downloaded the attacker can, tweet infected links to followers, install additional malware, delete files and leave the back door open for other attackers.
Stamper. A: Malware authors have evolved the Android/Moghava.A into a new Trojan threat known as Android/Stamper.A by simply changing a few lines of the original malicious code. This damages photos by photo-bombing the user’s pictures with an image of a baby. Users looking for a voting app for the Japanese female pop band, AKB48, unknowingly download the Trojan. The baby picture is from an ad campaign originally targeted at male fans of the band, posing the question “if you and a member of AKB48 had a kid, what would it look like?” The ad campaign put together a sumo wrestler and band member and featured an image of what that ensuing baby would look like. While the Trojan doesn’t change anything except the image and a few strings in the image stamping, users expecting to get results from the pop group’s fan site instead have all their pictures damaged with a photo-bombing baby.
McAfee Labs recommends that all Android users take appropriate precautions to safeguard their devices and personal information. For more information on how Android users can protect their devices visit mcafee.com/us/mms/. You can also download a free guide on mobile security from our Security Advice Center.