The top three Android malware "families" are considered to be SMSSend; GinMaster; and Fakeinst. The most common types are Trojans that rely on malicious additions injected into the packages of clean, legitimate programs, especially popular gaming and casino apps, which are then distributed in various apps stores. According to F-Secure, these malicious apps often have "a new name reminiscent of the clean app." These malicious apps, typically tied into botnets, essentially represent a new twist on social engineering since they "take advantage of the user's overriding desire to install and use a popular app to gain the permissions needed to execute their malicious behavior." Most of the mobile threats seen in 2013 were financially motivated.
In its report, F-Secure identified the top 20 most popular apps in the Google Play Store and investigated the rate of "trojanization" of these apps, most of them popular games. The good news is that F-Secure found the least likely place that a user would encounter a trojanized app was in the Google Play Store, at a low .1 percent of the samples examined.
That's because Google Play Store is most likely to "remove nefarious applications, so malware encountered there has a short shelf life," F-Secure says. However, the Android user would be far more likely to find these trojanized apps in the large Android app marketplaces AnZhi, Mumayi, Baidu and eoeMarket, which mainly cater to the mainland Chinese user population.
The worst though, apparently, was a market called Android159, where a third of the samples examined turned out to malware.
Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: firstname.lastname@example.org
Read more about wide area network in Network World's Wide Area Network section.