Skip the navigation

Android malware steals location data from mobile devices

By Antone Gonsalves
July 18, 2012 09:15 AM ET

CSO - BitDefender Labs has discovered Android malware that regularly broadcasts the location of the infected mobile device to a remote server.

What the malware creators intend to do with the privacy-invading information is not clear. The app operates in the background and appears on the smartphone or tablet as an icon with the word "store" written on it.

The store icon is apparently meant to fool the device user into thinking that it is only an e-commerce app, according to Bitdefender. In actuality, the malware broadcasts latitude and longitude of the device, as well as the name of the wireless carrier. It also attempts to enable the device's Wi-Fi connection and scan for antivirusailable access points. All the data is transmitted to the remote server via the device's Internet connection.

[More on the subject: Security managers split on BYOD, skeptical of Android devices]

"Speculating on why all this information is broadcasted, we could conclude that infected devices act as beacons, providing attackers with a relative positioning of certain Wi-Fi networks and the frequency to which infected devices connect or interact with them," BitDefender said in a blog post on Tuesday.

The lightweight spyware has no user interface and transmits location information every couple of seconds. Because the malware runs so effectively in the background, Bitdefender believes it will eventually be bundled with other apps.

Whether it's spyware or another type of malicious app, the number of mobile malware is soaring. The rate of growth last year was 155 percent over 2010, according to Juniper Networks. During the first quarter of this year, the year-to-year increase was 30 percent, with spyware alone doubling. Most mobile malware is targeted at Android, the leading smartphone operating system.

While the increase in mobile malware is troubling, the actual number of infected smartphones and tablets remains relatively few when compared with PC infections. "While we probably haven't seen a widespread, malware epidemic in terms of the Android platform, there have been some that haven't been detected," Christian Kane, analyst for Forrester Research, said.

As a result, companies are looking for technology to manage applications and corporate data on employees' devices. The mobile security market was $674.8 million worldwide last year and is projected to top $1 billion this year, according to IDC. By 2015, the market is expected to reach $1.85 billion, a compound annual growth rate of more than 35 percent.

Symantec, hoping to grab a slice of the pie, announced on Tuesday its first enterprise-grade antivirus software for Android devices. Called Mobile Security for Android, the antivirus software checks suspicious apps against Symantec's blacklist of known malware. When a bad app is discovered, the software can be set to notify the device user and a corporate security team through a mobile device management console.

Originally published on www.csoonline.com. Click here to read the original story.
This story is reprinted from CSO Online.com, an online resource for information executives. Story Copyright CXO Media Inc., 2006. All rights reserved.
Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!