New Android malware samples could set record this year, predicts G Data

Tools

Android devices are the most popular smartphones by far, beating iPhones by a wide margin. This means that Android devices are finding their way into the enterprise, either via bring your own device policies, programs that supply Android phones for employees or through employees who use Android phones despite corporate smartphone policies.

The influx of Android devices into the corporate environment raises concerns among IT security professionals because of Android OS's shaky security reputation. A new report that antivirus firm G Data released on Tuesday will not ease those concerns.

In its quarterly Mobile Malware Report [.pdf], G Data revealed a 27 percent quarter-over-quarter increase in new malware samples targeting the Android OS for the second quarter of 2015.

In the first half of 2015, the number of new Android malware samples surpassed the 1 million mark for the first time, an increase of 25 percent from the second half of 2014, according to the G Data report. G Data is predicting that Android malware will surpass 2 million samples for the entire year.

"There has been a rapid increase in malware samples for the Android operating system. They are running around 6,100 new samples per day in the second quarter," Andy Hayter, security evangelist at G Data, told FierceITSecurity. "It is becoming more profitable to do Android malware, and there is a huge target out there."

G Data also uncovered more than 26 new examples of embedded malware in smartphones, primarily made in China. G Data suspects that middlemen are responsible for implanting this malware, so they can steal user data and sell it or engage in malvertising. 

"It looks like [the phone] is coming out of the factory with pre-installed malware, when in fact some third party has opened it up, infected it and locked it up again," Hayter said.

"The problem with this type of malware is you can't uninstall it. The malware has been locked into the phone. It can be detected but it cannot be uninstalled unless you unlock your phone, which most people are not going to be doing," he added.

For more:
- check out the G Data report [.pdf]

Related Articles:
Hacking Team breach discloses Android exploit that tricked Google Play security
Android security bug could enable attacker to replace legitimate app with malware
Android takes the lion's share of increasingly mobile malware attacks