Android phones are popular and growing more so every day. According to research firm IDC, there were close to 350 million active smartphones worldwide in the second quarter of 2015, and approximately 80 percent of them ran on the Android platform. That leaves about 280 million open-source Android devices, owned by 3.5 percent of the world’s total population, exposed to a barrage of threats, including malware attacks, fake apps, malvertising, phishing scams and more.
To put this threat in perspective, our own research shows staggering growth in the number of Android malware samples, 1.2 million to be exact, from the third quarter of 2015. Research also found 220 new families of Android malware and 147 new variants of existing Android malware families. All in all, new variants of existing malware families targeting Android devices numbered close to 600 in 2015, as of the end of Q3.
Unfortunately for Android users, and the organizations that depend on these devices to power their mobile workforces, the increase in malware has been trending for several quarters now and shows no sign of slowing anytime soon. One major challenge to securing Android-based devices is the many “flavors” of the Android operating system. This fragmentation creates additional opportunities for malware authors who are savvy at taking advantage of the inconsistencies between Android OS versions. Another major challenge is the number of devices still running very old versions of Android, which tend to lack adequate security safeguards.
Going into 2016, Android users will need to be on high alert for some of the following sneakier methods cyber criminals are banking on to steal personal data and confidential company and financial information:
1. When the Android samples our labs received were broken down further into their categories, our key observation was that Adware constituted two-thirds of all samples received. So it’s not surprising that Adware has been the leading source of malware on Android devices for years. This will continue to plague Android devices well into the foreseeable future. Existing Adware variants are expected to evolve and play a bigger role in 2016.
2. Android users will also have to be more wary of the apps they download. A recently discovered and very significant flaw in the Google Play store allows malware authors to slip fake apps through the store, bypassing CAPTCHAs so they can spread malware. Some other notable forms of Android malware are also capable of cloning social network apps, such as Facebook, and popular games in order to convince people to download them.
3. A recently discovered bug in the Gmail Android App allows anyone to pose as someone else, hiding their real email address. While the Google Security Team has called this a non-issue, the flaw can prove to be advantageous for online scammers. This security bug, known to only affect the Gmail Android app right now, leverages a flaw in the app that allows the sender to change their display name in settings, hiding their real email address in the recipient’s inbox. A creative form of phishing, it involves cyber thieves spoofing their display name to make it appear as though the email is coming from a trusted or reputable entity, such as a popular online retailer, a bank, financial organization or even companies like Google or Facebook. To unsuspecting users, an email coming from email@example.com may not appear suspicious in the least, which is why this phishing trap is so successful.
4. With the growth and popularity of connected smartwatches and fitness wristbands, which are constantly gathering user data, Android-based devices powered by the Internet of Things are projected to be one of the most ominous new security risks. The personal data collected by these devices can be used against device owners to steal identities, and more. And, if smartwatch owners connect them to home, car or corporate networks, even more damage can occur. Because IoT devices are just now growing in popularity and mass appeal, users are still not expecting a hacker to target their watch, or other IoT device. By appearing in channels where unsuspecting users will not be expecting them, hackers are able to successfully launch surprise attacks, staying a couple of steps ahead of smartwatch makers’ efforts to bolster security safeguards.
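A defensive check for the display-name spoofing described in item 3, as an added example that is not part of the original article: a mail filter can compare what the From display name claims against the real sender domain. The brand-to-domain table, the function names and the sample headers are constructed assumptions.

```python
import re
from email.utils import parseaddr

# Assumption: brand keyword -> domains that brand really sends from (constructed).
TRUSTED_SENDERS = {
    "example bank": {"examplebank.example"},
    "example shop": {"exampleshop.example"},
}
ADDR_IN_TEXT = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def _domain_ok(domain, allowed):
    """True if domain equals, or is a subdomain of, an allowed domain."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_from_header(from_header, trusted=TRUSTED_SENDERS):
    """Return reasons a From header looks like display-name spoofing ([] if none)."""
    display, address = parseaddr(from_header)
    _, at, domain = address.lower().rpartition("@")
    if not at or not domain:
        return ["unparseable_from_header"]
    name = " ".join(display.lower().split())
    findings = []
    # 1. Display name shows an address from a different domain than the real sender.
    for shown in ADDR_IN_TEXT.findall(name):
        if not _domain_ok(domain, {shown}):
            findings.append(f"display_name_shows_{shown}_but_sender_is_{domain}")
    # 2. Display name claims a known brand, but the real domain is not that brand's.
    for brand, allowed in trusted.items():
        if brand in name and not _domain_ok(domain, allowed):
            findings.append(f"claims_{brand.replace(' ', '_')}_from_{domain}")
    return findings

# Constructed sample headers (not taken from real mail).
SAMPLES = [
    '"support@examplebank.example" <k3j2@mailer.invalid>',
    "Example Bank Alerts <alerts@notify.examplebank.example>",
    "Example Shop <deals@exampleshop.example.attacker.invalid>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_from_header(header) or "ok")
```

The third sample shows why the domain comparison must match on a label boundary: a sender domain that merely begins with the brand's domain is still flagged.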
Although there are many more threats to Android devices beyond these four, the bottom line is that users and organizations alike need to be constantly on the defensive against the increasingly creative methods cyber criminals are using to gain access to personal data and corporate networks through mobile devices. Android is the top target now, but iOS may not be far behind.