We closed last year with a special concern about malware on Android. It was growing dramatically, and that coupled with the large number of users who were starting to use the operating system, could become a huge problem. The line we follow at the end of 2012 is the same. Of the Mobile malware developed this year, 99% was targeting Android.
The report comes from a study of Kaspersky Lab, the well-known manufacturer of one of the best known and most valued antivirus. The platforms targeted by malware developed for mobile phones have been analyzed, among which are: Android, J2ME (Java), Symbian, and Others, including iOS, BlackBerry, etc.. However, all the others might well have been disregarded, since the 98,96% of viruses and malicious software are developed for the Google operating system.
And the problem goes very far, since we are not only talking about applications that are downloaded from suspicious sites, but it reaches the very Google Play. Despite the inclusion of the new malicious application detection system Google Bouncer, which scanned apps for viruses, there have been no major changes in the amount of malware found in the store. In fact, the Dougalek, software that is downloaded from Google Play by tens of thousands of users, especially in Japan, has caused one of the largest information leaks in the landscape of mobile devices.
But the dangers go much further, not just loss of information. The first botnets have started to appear, which are networks of devices that are remotely controlled by a malicious user. It is reached through an application with malware, and they take control of our smartphone without us noticing. And the word "net" is contained because authentic user networks are created. In the most striking last, a team of hackers managed to reach hundreds of thousands of devices through an application called RootSmart, which allowed the device to be controlled remotely. Of those hundreds of thousands, between 10.000 and 30.000 were active subjects who could exploit. From these, they sent premium SMS messages to their own numbers, to earn money. In addition, by having a large number of controlled smartphones, they did it with small expenses, and they separated the shipping periods a lot, in such a way that users almost did not perceive it on their invoice, but they were taking money away from them.
Without a doubt, we must be very careful with what we install on our device. It never hurts to have some antivirus application, avoid installation of applications outside of Google Play in which we do not have full confidence, and monitor well what are the permissions of the applications that we install even from the store. If there are permissions that do not match the activity of the application and the reason for these is not explained in the description of the application, it is better to avoid installing that application.