Android's a malware magnet, says McAfee

The amount of malicious software hitting Android devices in the third quarter jumped almost 37 percent, boding that 2011 will be the busiest year ever for malware.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read

Malware targeted toward Android devices continues to surge, says a new report from McAfee, pushing 2011 to become the busiest year in history for both mobile and general malware.

The amount of malware infecting Android devices during the third quarter grew almost 37 percent from the second quarter, according to McAfee's Third-Quarter Threats Report (PDF). Android's growing demand among consumers has made it an increasingly ripe and inviting target for cybercriminals.

How inviting? Almost all new mobile malware over the third quarter was aimed squarely at Android. Legacy software being what it is, though, among all mobile platforms, Nokia's Symbian OS still saw the greatest amount of malware.

One common scheme against Android is led by Trojans that collect personal information and steal money from the user by sending SMS messages. Another type of malware records phone conversations and sends them to the attacker.

As a result of the onslaught against Android and the growth in overall malware, McAfee now believes the industry will see 75 million unique pieces of malware by the end of the year, up from its previous forecast of 70 million. That number promises to make 2011 a record year for malware.

"This has been a very steady quarter in terms of threats, as both general and mobile malware are more prevalent than ever," said Vincent Weafer, senior vice president of McAfee Labs, in a statement. "So far this year, we've seen many interesting yet challenging trends that are affecting the threat landscape, including heightened levels of sophistication and high-profile hacktivist attacks."

Phony antivirus products, AutoRun malware, and password-stealing Trojans were among the most common types of malware in the quarter, staging a rebound from previous quarters. Malware aimed at the Mac also continues to grow as Apple computers experience greater demand among both consumers and businesses.

The number of botnet infections inched down over the third quarter but staged some dramatic gains in countries such as Argentina, Indonesia, Russia, and Venezuela. Cutwail, Festi, and Lethic proved to be the most dangerous and damaging botnets last quarter.

And though spam has dropped in numbers since 2007, it's grown in sophistication, according to McAfee. Spearphishing, or targeted spam, is increasingly being adopted by more attackers and is proving to be a highly effective form of malware.

"The noise tells us spam levels have dropped, yet the signal we need to hear is that the bad guys have changed their tactics," the report noted. "They are protecting their business models and are doing so with a sophistication that creates a more dangerous threat than before."