According to a joint study by the Department of Homeland Security and the FBI, the Android operating system was the target of 79% of all malware attacks on mobile platforms in 2012.
By comparison, Nokia’s Symbian system was the target of about 19% of attacks, iOS accounted for 0.7%, and Windows Mobile and BlackBerry both were targeted at 0.3%, the study found.
The world’s most widely used mobile operating system, Android is the prime target for malware attacks “due to its market share and open-source architecture,” the study explained. The OS is also vulnerable because of the staggering proportion of users still running older versions of Android software.
The study revealed that 44% of Android users still run versions 2.3.3 through 2.3.7—known as “Gingerbread”—all of which were released in 2011 with a plethora of security vulnerabilities that were fixed in later versions.
The report, “Threats to Mobile Devices Using the Android Operating System,” is addressed to police, fire, emergency-medical and security personnel. “The growing use of mobile devices by federal, state and local authorities makes it more important than ever to keep mobile OS patched and up-to-date,” it stated.
It also detailed the different ways these malware attacks are delivered, and how to mitigate the threat.
SMS texts represented about half of all malicious applications circulating through older versions of Android OS. The study recommended installing Android security suites, such as AVG Antivirus, Lookout and Norton.
Another attack mode is through rootkits, or stealthy malware that evades normal detection and logs the user’s locations, keystrokes and passwords. “In late 2011, a software developer’s rootkit was discovered running on millions of mobile devices,” the study stated. It’s an easy fix, though, by installing Carrier IQ Test.
The last crafty form of malware delivery comes from fake Google Play domains, created by cybercriminals to steal login and financial information as users browse and download apps from a lookalike Play Store. The fix isn’t rocket science. According to the study, simply “install only approved applications” and “regularly update antivirus software.”