Android malware is the fastest-growing malware arena – a fact that few dispute. New research has dug into some of the details behind the growth, after finding that malicious apps in the Google Play store spiked almost 400% in 2013.
According to RiskIQ, from 2011 to 2013, malicious apps have grown in volume by about 388%. For 2011, 2012 and 2013, the percentages of malicious apps in the Google Play store were 2.7%, 9.2% and 12.7%, respectively.
However, the percentages for malicious mobile apps that have been removed by Google has gone consistently down, standing at 60%, 40% and 23%, respectively, according to the research.
Apps for personalizing Android phones led all categories as most likely to be malicious – the most downloaded malicious app in 2013 was Talking Angela. Overall, the top five app categories with the most malware are personalization; entertainment; education/books; media/audio/video; and sports.
Another most-downloaded malicious mobile app last year was Run Run Bear II; in 2012 it was Speed Night and in 2011, Where's My Droid.
Malicious Android apps can perform a variety of functions, starting with basic information gathering. Most collect and send GPS coordinates, contact lists, email addresses and other useful information to third parties, who can then make use of the information for phishing campaigns and the like.
Many apps are scams that send SMS messages to premium-rate numbers, without the user knowing; or they subscribe infected phones to premium services that either don’t do what they advertise, overcharge or act as a backdoor for something else.
Some record phone conversations and send them to attackers in a classic cyber-espionage gambit; still others allow remote attackers to take control over the infected phone.
"The explosive growth of mobile apps has attracted a criminal element looking for new ways distribute malware that can be used to commit fraud, identity theft and steal confidential data," said Elias Manousos CEO of RiskIQ, in a statement. "Malicious apps are an effective way to infect users since they often exploit the trust victims have in well-known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants.”