Wednesday, February 17, 2010

Android's malicious apps


Android, a Linux based mobile operating system intially developed by Android Inc., and later purchased by Google. Google recently released their new mobile "Nexus One"with android OS. Google allows developers to write managed code in the Java language, controlling the device via Google developed Java libraries.
So far in 2010 Google android has proven to be a hot topic with increasing popularity. As it popularity increases it becomes the target for hackers and malware writers to explore its security.  As per kaspersky, "2010 promises to be a difficult time for iPhone and Android users,".
As per kaspersky press release
An increase in attacks on iPhone and Android mobile platforms. 2010 promises to be a difficult time for iPhone and Android users. The first malicious programs for these mobile platforms appeared in 2009, a sure sign that they have aroused the interest of cybercriminals. The only iPhone users currently at risk are those with compromised devices; however the same is not true for Android users who are all vulnerable to attack. The increasing popularity of mobile phones running the Android OS combined with a lack of effective checks to ensure third-party software applications are secure, will lead to a number of high-profile malware outbreaks.
They also made five other predictions on greatest threats and new attack vector and they are
  • A rise in attacks originating from file sharing networks. This year, we will see a shift in the types of attacks on users, from attacks via websites and applications toward attacks originating from file sharing networks.
  • An increase in mass malware epidemics via P2P networks. In 2009 a series of mass malware epidemics has been “supported” by malicious files that are spread via file sharing networks. This method has been used to spread notorious threats such as TDSS and Virut as well as the first backdoor for Mac OS X. In 2010, we expect to see a significant increase in these types of incidents on P2P networks.
  • Continuous competition for traffic from cybercriminals. The modern cybercriminal world is making more and more of an effort to legalize itself and there are lots of ways to earn money online using the huge amount of traffic that can be generated by botnets. In the future, we foresee the emergence of more "grey" schemes in the botnet services market. These so-called "partner programs" enable botnet owners to make a profit from activities such as sending spam, performing denial of service (DoS) attacks or distributing malware without committing an explicit crime.
  • A decline in fake anti-virus programs. The decline in gaming Trojans witnessed in 2009 is likely to be repeated for fake anti-virus programs in 2010. Conficker installed a rogue anti-virus program on infected computers. The fake anti-virus market has now been saturated and the profits for cybercriminals have fallen. Additionally, this kind of activity is now being closely monitored by both IT security companies and law enforcement agencies, making it increasingly difficult to distribute fake anti-virus programs.
  • An interest in attacking Google Wave. When it comes to attacks on web services, Google Wave looks like it will be making all the headlines in 2010. Attacks on this new Google service will no doubt follow the usual pattern: first, the sending of spam, followed by phishing attacks, then the exploiting of vulnerabilities and the spreading of malware.
Users of mobile devices with Android software may have noticed several applications available for download in the Android Marketplace. If you see any applications provided by the user Droid09, please do not download these applications. Android applications provided by Droid09 are fraudulent. Please remove any applications by Droid09 from your mobile device and contact your mobile provider to evaluate whether any other applications or information stored on your mobile device have been compromised."
Here is a link describing the fraudulent app that attempts to steal bank information has made it to the Android app store.
To know more about android and its architecture visit android developer center or click here