Android Malware–the threat is just beginning

androidattack

Image via IntoMobile

At a recent conference Norton has told attendees the Android Malware threat is just beginning, with the platform having the perfect properties to entice malware writers.

They said the platform is open, ubiquitous and monetizable, noting that the recent Android.FakePlayer attack netted the hackers $13 per download by sending premium text messages in the background.

Commenting on the ease of creating Malware and making it available on the Android marketplace,  they note how simple it was to download an app,  run an off-the-shelf tool with a command line prompt that will decompile it, add the malicious code, adjust the manifest, recompile it and then be ready to submit the app to Marketplace, where Google only polices applications after the fact, rather than preventing infection in the first place.

The company expected a wave of apps using premium billing rates, spyware, search engine poisoning, adware, pay-per installs and more.

The increasing presence of legitimate 3rd party apps stores like the Amazon App Store and Get Jar meant even if Google upped policing they could not practically ensure the safety of users.

According to Norton this contrasts with other platforms with curated app stores like the iPhone (and by extension Windows Phone 7) where, unless devices are jailbroken, no practical threat exists.

Read more at IntoMobile here.

Comments