Report: Android malware skyrocketing, iPhone malware rare

| Monday, August 8th, 2011

It seems like every way we look these days there’s another security concern to worry about. While most of us have come to accept malware threats on our computers as a cost of doing business online, very few of us have actually taken a moment to think about how the malware world is knocking on our pocket doors, looking to infect our trusty smartphones.

According to the fine folks at CBC News, 38 percent of American adults now carry a smartphone, up from just six percent in 2007. The staggering consumer-smartphone explosion brings with it new challenges and adventures for those looking to exploit the pocket computers we’ve all come to rely on on a daily basis.  Exploiters are looking to maximize their profits, and our smartphones seem to be the target of choice these days.

Lookout Inc. co-founder Kevin Mahaffey pointed out to CBC News that virus threats seem to be doubling every few months. Although back in January there were only a few hundred attempted infections every day, Lookout Inc. is now seeing well north of those numbers. As a case in point, “Google has recently removed 100 malicious applications from its Android Market app Store. One particularly harmful app was downloaded more than 260,000 times before it was removed.”

How does the iPhone stack up to Android?

According to findings from Lookout Inc., there is quite a discrepancy between the Android world and the walled iPhone garden. We already pointed out some numbers  based on those shady Android applications, but the iPhone seems to have far fewer problems with malware. It’s assumed that the difference has a lot to do with the different application approval processes each market place requires developers to undergo. More specially, Apple requires applications be examined before their inclusion in the App Store, while Google does not.

[quote]Lookout says it has seen more unique strains of Android malware in the past month than it did in all of last year. One strain seen earlier this year, called DroidDream, was downloaded more than 260,000 times before Google removed it, though additional variants keep appearing.[/quote]

There are a lot of reasons why a walled garden approach is problematic, but security isn’t one of them. If you’re the type of person who prefers to worry about actually getting things done, instead of worrying about whether or not an application will start billing your phone nefariously, then the walled-garden approach has serious benefits to users. But, and this is a big but, a walled-garden approach isn’t exactly fail safe either. Last month Apple had a problem with a PDF based exploit.  There were no reports of the PDF exploit being used in the wild, but the potential existed nonetheless. Thankfully the exploit has already been patched by Apple.

If we’re being honest here, and cutting away all of the propaganda on both sides of the Android and iOS debate, it’s pretty obvious that the majority of users — we’re talking the average citizen here — have no clue how to combat malware and avoid the pitfalls associated with the shady world of malware exploits. The install and ask questions later approach is still alive and well in society, and that’s a problem for everyone.

There are plenty of reasons why having someone curate an application store is dangerous, but again, security isn’t one of them. If Lookout Inc. co-founder Kevin Mahaffery’s thoughts in the CBC News article can be trusted, Apple’s doing a better job of protecting its users from malware than Google is currently. Given that Android now holds the majority of the market-share in the smartphone sector, this is a serious problem that needs addressing.

It could change in the future, but as it stands, you’re less likely to face malware problems using an iPhone than you are rocking an Android device. Hopefully that changes sooner rather than later.  Better yet, hopefully Google gets serious about handset security and does something about protecting its users from the problem.

Note: We’d like to point out that being “more secure” doesn’t actually mean that you are “secure.”  So make sure you take the proper precautions when using both your mobile devices and your computers.  It’s better to be diligent than it is to assume someone else is looking out for your interests. Ultimately, security protocols are your responsibility. Make sure you’re keeping yourself informed.

Source: Associate Press
Via: CBC News
Image Credit: indigo11 / Flickr

Next Up On Macgasm

View Article