/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: How secure is my Android phone? This question seems to be hunting thousands of Android smartphone users today than ever before.
However, Android, the fastest-growing mobile platform, seems to have very few answers.
In March, Google pulled back nearly 50 malware infected repackaged versions of legitimate Android apps from the Android Market. Ever since, the Android Market is said to be the source of a huge number of malware. The platform has been charged to be responsible for 57 per cent of infections.
Also read: Saftey tips for Andorid users
Again in May 2011, NetQin Mobile Inc, a China-based mobile security company, reported the discovery of new malware lurking within more than 20 Android applications circulating via various forums on the Internet which auto-dials phone numbers to incur high user fee. According to Tim Wyatt, a researcher with mobile security firm Lookout, as many as 120,000 Android users have downloaded the trojans before they were detected.
The malware threat seems to be only getting bigger as the Google software is moving into cheaper hardware and starting to compete with high-volume, low-margin phones made by various companies. This essentially means that more and more Android users will be looking for applications from different market places thus exposing themselves to the risk of malware.
Though Google has stepped up monitoring of the Android market in recent weeks and has pulled back a number of Android apps for terms of service violations, including malware, the infections are still galore in the Android market.
According to Juniper Network's New Malicious Mobile Threats Report 2010/2011 published in May this year, the Android platform has surely become a focus of cyber criminals. The report points out that Google Android malware samples have grown 400 per cent from June 2010 to January 2011.
Also read: Mobile hacking sets off security gold rush
The root cause of Android security vulnerabilities has been Google's open market policy. Google trusts the community of developers and users to rate an application or flag it as “malicious”. This was supposed to encourage programmers to develop applications that will in turn attract people to purchase Android smart phones since numerous applications are available.
Karl Dominguez, Threat Response Engineer, Google Andorid, notes in his blog that this openness also attracted cybercriminals, as Android’s popularity has become a perfect opportunity for them to profit.
“As we have seen with the first Android malware, cybercriminals 'Trojanized' legitimate applications and uploaded the new packages to third-party markets, hoping users will download these. Trojanizing legitimate apps became a norm in the Android platform landscape and the best advice (seemingly) is to download only from trusted sites and, of course, from the Android Market,” he said.
"The Android app ecosystem is by definition open," says Rik Ferguson, Director of Security Research & Communications, Trend Micro.
"There is a wide array of app stores available and apps are therefore ready for use by the user community in minutes. This greater openness of the developer environment has arguably fostered an atmosphere of creativity, but as Facebook has already discovered it can also be a very attractive criminal playground," added Ferguson.
Google's Android mobile-phone platform faces soaring software attacks and has little control over the applications, according to security firm Kaspersky Lab.
Applications loaded with malicious software are infiltrating the Google operating system at a faster rate than with personal computers at the same state in development, said Nikolay Grebennikove, chief technology officer for Kaspersky in a recent interview.
Though Andorid has taken several steps to check the infections on its applications and started remotely removing infected ones, the problem seems to be only inflating day-by-day. Only time would tell what Google would do with its open market policy in order to make its platform secure.
Also read: Fee deduction malware on Andorid spotted