The occurrences of malware on the Android Market made a leap upwards of 472% in the last several months, according to a report from Juniper Global Threat Center, as noted by Jim Dalrymple of The Loop.
The report found that October and November are shaping up to be the fastest growing months in Android malware discovery ever as well, so it’s not slowing down.
The Juniper report found a 400% increase from 2009 to the summer of 2010 and an exponenti9al jump over the last several months. The number of samples that it discovered in September increased 28%, October was 110%. That’s a huge amount of acceleration.
Juniper focuses on the fact that the submission of apps onto the Android Market has little inbuilt protection against malicious apps. This is a diametric approach to the way that Apple handles app submissions on its much more “closed” App Store.
The sophistication of the malware has also seen a change, with vulnerabilities in Android being exploited in Android more effectively. In fact, several of these holes in the Android OS have been known of since earlier this year, but remain un-fixed, says Juniper.
Today, just about every piece of malware that is released contains this capability, simply because the vulnerabilities remain prevalent in nearly 90% of Android devices being carried around today. Attackers know this, and they’re using it to gain privilege escalation on the device in order to gain access to data and services that wouldn’t otherwise be available.
The malware that Juniper sampled has focused on, 55% acts as spyware and 44% are SMS trojans that send messages to numbers that charge the users to send messages, all in the background without their knowledge.
Juniper says that the fundamental difference in code signing and application approval approaches between the Android Market and the App Store are a large part of what makes Apple’s platform more secure.
There are certain characteristics of applications allowed to run on Apple’s platform, including aggressive sandboxing and limited access to APIs, but the store approval process acts as a gatekeeper, keeping out many, if not all, malicious apps.