Palo Alto Networks’ WildFire malware analysis sandbox now is capable of analyzing Android applications in the APK file format to identify advanced threats in Android applications.
Earlier this year, Jon Oltsik, Senior Analyst at Enterprise Strategy Group, noted that mobile malware increased more than 1,000% in 2012 and that volume and sophistication will continue to increase in 2013.
Due to the Android OS open development environment and its popularity, which according to IDC held a leading 79.3% market share in Q2 2013, Android-based smartphones and tablets are susceptible to mobile malware. The platform provides an enticing way for cybercriminals to attack networks as evidenced by the recent distribution of the ‘BadNews’ malware via a mobile advertising network.
To address the challenge of advanced threats, organizations need to ensure their security strategies account for threats targeting their employees’ mobile devices and the networks to which they are connected. Unlike traditional security solutions that focus on the endpoint, Palo Alto Networks WildFire captures malware in the network and in the wild, and actively analyzes it in a virtualized Android environment to proactively protect networks against new APK-based malware.
WildFire aggregates and analyzes suspicious files on enterprise networks. If a file is determined to be malware or a cyber threat, a signature is generated that protects users from the newly detected malware and its variants.
WildFire now searches major Android marketplaces for new applications to analyze. It then generates a signature for apps determined to be malware that can be downloaded by Palo Alto Networks customers to further secure their networks. Palo Alto Networks currently has coverage for more than 300,000 pieces of Android malware.