Android's Malware Problem
According to a recent study by the U.S. government, 79% of all malware in mobile operating systems resides in Android.
That malware can come from a variety of sources, says Bob Egan, CEO and founder of Sepharim Group, a mobile enterprise consultancy. Legitimate applications can be infected within the Google Play store, and some users "sideload" applications from sources other than the Play store.
But the biggest threat is the free-for-all nature of upgrading and patching the many versions of the operating system. The study, conducted by the Department of Homeland Security and the FBI, found that 44% of Android users still have versions of Gingerbread that were released in 2011 and have known security holes that were patched in later versions.
The report, which was published to alert police, fire, EMS and security professionals to the problem, cited known threats and suggested mitigation strategies for each.
Threat: SMS Trojans represent nearly half of the malicious applications circulating on older versions of Android.
Mitigation: Install Android security suite designed to combat such Trojans. It's available for purchase or free download from the Internet.
Threat: Rootkits log a user's location, keystrokes and passwords surreptitiously.
Mitigation: Install Carrier IQ Test, a free application that can detect and remove the rootkits.
Threat: Fake Google Play domains trick users into installing malicious apps that can then steal sensitive information from the mobile device.
Mitigation: Install only approved applications and follow IT department procedures to update the operating system. Install and regularly update antivirus software.
— Tam Harbert