mobile security

Was Mobile Malware a Problem in 2011?

Last year, we predicted that mobile malware, particularly on the Android platform, would be one of the major trends in 2011. As the year draws to a close, we wanted to check to see if our crystal ball was accurate in this prediction.

In November, Juniper reported a 472% growth in Android samples since July 2011, a stat that speaks for itself. But, Chris DiBona from Google responded on his blog saying that “No major cell phone has a ‘virus’ problem in the traditional sense…” and that “virus companies are playing on your fears”.  So who’s right?

In 2011, Kindsight added signatures to our platform that detects the network behavior of Android and other mobile malware.  These signatures typically detect the command and control protocol used by the malware to “call home” to report stolen information and wait for instructions.

Looking at the results from Kindsight deployments, we have seen a significant increase in Android infections from our network-based malware detection systems. As shown below, there was a 4x increase in the last 3 months (early Sept to late Nov), which appears to confirm the report from Juniper.

Android infection graph

Malware Distributed through “Trusted” Android Market

The spread of malware to smart-phones was high on our prediction list for 2011. It now appears that this prediction was bang-on, especially in the case of Android-based smartphones.

It was recently discovered that over 50 Android applications, distributed through the official Android Market, have been infected with DroidDream malware. The malware was downloaded to over 260,000 devices before Google became aware of the problem.

Has Mobile Malware Already Arrived?

The spread of malware to smart-phones was high on our prediction list for 2011. The good news is that it’s now February and except for the Geinimi outbreak in China, we haven’t seen any major outbreaks so far. The bad news is that security researchers keep finding new ways to exploit mobile phones.