14 November, 2012
Galaxy. Droid. Nexus. More consumers than ever use one of these Android-powered smartphones. The Android operating system is continuing to grow in popularity and now accounts for more than half of the U.S. smartphone market. But as Android use has spread among consumers and businesses so have a new breed of mobile threats, raising the bar for effective mobile security and mobile antivirus solutions. In fact, Android smartphones are now the largest target for mobile threats, including mobile malware and spyware — and very few mobile threats target any device other than Android smartphones.
The level of threat activity is ballooning. After a slight decline in early 2012, the volume of Android malware rebounded and nearly doubled in the latter part of the year. McAfee Labs researchers continually track this activity. Among the thousands of pieces of mobile malware flooding the McAfee Labs threats database are several pieces exhibiting advanced functionality. Here's a look at three of those threats.
This advanced downloader automatically purchases apps from a third-party Android market. After making the purchase, the malware intercepts and resends the confirmation codes sent by the market, silently buying the apps and deleting other billing messages so the owner of the device is unaware of the activity.
Part of a larger advanced persistent threat malware campaign, this botnet client takes commands that upload and download files from the attacker’s server. The client can also browse the directories of an infected Android device. This allows an attacker to both gather information on a particular target and maintain and increase control of that target.
To keep up on the latest threats to Android devices and get the latest insights from McAfee Labs researchers on new mobile threats, read the McAfee Labs blog.