Malware, however, is a different case – the human element is always the weakest in a computer system , if you can engineer it for a user to choose to download the software, unknowingly, then you are always away… A particular concern for application market places, of course.
This seems to be the case for a malware app – a so-called “Trojan app” (pictured right) that can record conversations on a phone and forward them on – being widely reported today, found by researchers at CA Technologies. You can read about it on ZDnet UK and The Guardian…
The researcher Dinesh Venkatesan writes:
We have been recently blogging about many Android malware as the threat landscape has been witnessing an increasing trend in targeting the mobile platforms and today we have received an Android package to our collection and observed that this piece of malware walks an additional mile by having a neat configuration and has a capability to record the telephonic conversation the infected victim makes.
On the same theme, CNet is highlighting the general increasing prevalence of malware for Android devices. Inevitably, I suppose, as a platform grows more popular, the more worthwhile it is for attack, sadly.
Elinor Mills of CNet writes:
An estimated 500,000 people were affected by Android malware in the first half of this year, a period when apps infected with malware rose from 80 in January to more than 400 in June, according to the report, which focuses on Android and Apple’s iOS. Lookout collects data from more than 700,000 Android and iPhone apps and 10 million Android devices around the globe, and offers free and fee-based versions of a security service for the open source Android platform, but not for iOS. While Apple vets every app before allowing it to be sold on the Apple App Store, the Android Market allows any app to be published but provides detailed information about what permissions the app has on a device.
Two of the most prevalent Android threats were DroidDream, which prompted Google to remove malware-infected apps that drop a Trojan on devices from the Android market in March and again in July, and GGTracker, according to the Lookout Mobile Threat Report. Authors of DroidDream released more than 80 unique apps with different malware variations that were designed to take control of a device. Typically, the malware distributors take legitimate apps and repackage them in the hopes that people will confuse them with the legitimate apps.