Affixing some more figures to the grim malware predictions for this year, Trend Micro has warned that the threats from viruses on smartphones will increase in 2013.
According to Trend Micro, malware targeting Android increased nearly sixfold in Q3 (July to September) 2012 to more than 175,000, up from around 30,000 “malicious” and potentially “dangerous” applications. The volume of malicious and high-risk Android apps will hit one million in 2013, according to a prediction by the security firm.
Risks include espionage to gain private information from the phone, aggressive advertising, which cannot be removed and spam. The firm predicts that next year viruses will be able to feed information from the likes of banking applications, putting customers at great financial risk.
In terms of market share, Android may be on its way to dominating the mobile space the same way that Windows dominated the desktop/ laptop arena. Malicious and high-risk Android apps are becoming more sophisticated. An “arms race” between Android attackers and security providers is likely to occur in the coming year, much as one occurred a decade or more ago over Microsoft Windows.
Mobile malware to increase this year
Google has made improvements to the security of the Android platform. App scanning in the form of Bouncer was first introduced in February and integrated into devices with the use of the latest Android version — Jelly Bean (Android 4.2) — later in the year.
The improved permissions dialogue box for newly installed apps made the permissions more explicit. However, these steps will not lessen the appeal of the platform to cyber criminals and thieves.
Trend Micro adds that in terms of mobile malware, what it has seen in 2011 and 2012 was a period of experimentation. While acknowledging that it hasn't seen a mobile malware “tool kit’” as on PCs, it believes that it will begin to see it on mobile.
“The establishment of a leading kind of banking malware tool will be witnessed and a leading kind of information theft toll, which will be commoditized and for sale on the underground market. Criminals will be adding plug-ins and additional functionality but the tool kit will be the root,” the report by Trend Micro states.
“Black Hole” exploit kits, currently the biggest threat to computer security, are already collecting information on mobile operating systems, according to Ferguson. “We will soon see the first exploit kits capable of targeting mobile devices, where your phone can be infected just by accessing a web page.
When that happens it will be a game changer, as criminals break out of the need to go through the app store – Apple will be targeted.”
“Functionally, technologically, we have got what we need from a security point of view but the places where we need to see change and advancement is from smartphone operating system manufacturers, namely Google, Apple, Microsoft and RIM, they need to make sure they partner more closely with the security industry in general to make their operating system more securable.”
Rajat Sahu, Product Marketing Manager (Consumer), India and SAARC, Trend Micro, says the challenge still lies around raising awareness, as mobile users are still unwilling to accept there is a threat to their phones. The number of malicious and high-risk Android apps will increase threefold in 2013, broadly in line with predicted growth of the OS itself.