Malware targeting Google’s Android operating system is not as big a problem yet as some security suppliers are claiming, a study has revealed.
“This means that real users on a real network are seeing low volumes of real mobile malware,” said Brian Foster, chief technology officer at Damballa.
Those infections were the normal variety of bot-related malware that is seen on the PC, he said, including malware for setting up botnets as well as malware for spam, phishing and fake antivirus.
The findings of the study support Google’s own findings, presented at the Virus Bulletin conference in Berlin in October, that less than 1% of Android installations from Google Play are malicious.
Damballa was able to analyse passive domain name system (DNS) data from cellular and wired internet service providers (ISPs) with visibility into 43% of wired and 33% of wireless traffic in North America.
Although mobile malware is certainly something we need to keep an eye on, it is nowhere near what we are seeing on the PC
Brian Foster, Damballa
The study observed that mobile devices connected to the same infrastructure for malware command and control as PCs 98.7% of the time.
This means that the bad guys out there that writing PC malware are the same guys experimenting with Android malware,” said Foster.
“They are also using the same infrastructure to communicate instructions to whatever malware is running on Android,” he told Computer Weekly.
Another interesting fact uncovered by the study, he said, was that 99.99% of all the malware classified as mobile was actually running on a PC tethered to a mobile device.
“Less than 1% of the infections on the network was malware actually running on a mobile phone,” said Foster.
This means the huge numbers of mobile malware variants being detected by security suppliers do not appear to be translating into real-world infections in the North American region.
“Although mobile malware is certainly something we need to keep an eye on, it is nowhere near what we are seeing on the PC,” he said.
More on mobile malware
- Mobile malware threats jump 26% in third quarter
- Video: Mobile phone users prone to SMS mobile malware
- Junipers' Mobile Threats Report: Mobile malware attacks grew over 600%
- Mobile malware up 163% in 2012, says NQ Mobile
- Android mobile malware rebounds in Q2, reports McAfee
- Mobile malware and social malware: Nipping new threats in the bud
- Mobile malware on the rise
- Mobile security model flawed, says Mobile Helix
- Rapid malware growth for smartphones, reports G Data
- Obad.a analysis: Is malware on Android devices now equal to Windows?
Foster added that most malware that security researchers see is not seen by the average user, and the research provides a new perspective on the scale of malware threats.
According to Damballa, one of the reasons mobile malware is still low is that while PC malware is easy to distribute through online downloads, mobile apps are more tightly controlled and vetted by app stores.
“We see pockets of more widespread Android malware, but only in regions of the world such as the Middle East and parts of Asia where there is no Google Play market,” said Foster.
However, he said those behind Android malware have always been innovative, which is unlikely to change.
In the meantime, the report concludes that mobile application markets are providing adequate security for a majority of mobile devices.