Q3 sees huge malware surge on Android OS

A mobile threat report from F-Secure has found that the year's third quarter has seen a huge rise in malware on the Android operating system.

The Finnish security service identified 51,447 unique Q3 samples, which represents a massive increase from Q2's total of 5,033 and Q1's total of 3,063, in a document published yesterday.

This news comes despite Google's intensified focus on the prevention of such problems, after the announcement of the Bouncer security mechanism in February (it was actually deployed last year), the birth of Google Play in March and the September acquisition of online malware scanner VirusTotal.

Bouncer's function is to automatically scan both new and existing Google Play apps for malicious content, and is claimed by Google to have lowered dangerous app downloads by 40 per cent during 2011.

The escalation, according to F-Secure, can mainly be ascribed to the fact that the OS is by far the most popular in the world, with three quarters of all smartphone shipped in Q3 running Android.

The report states, "The surge may better be attributed as a natural consequence of the continued high growth in Android smartphone adoption this quarter."

F-Secure also highlights that Android's high rates of growth in countries such as China and Russia (which use a variety of third-party sources for Android apps) have had a profound effect on the reported statistics. According to the report, China has the largest market for smartphones, with Android devices making up over four fifths of it.

"These expanding markets have also been notable for the proliferation of less-secure third-party apps markets, which are popular with users for various reasons. This factor may also account for the increasing number of malicious samples seen this quarter," said F-Secure.

Of the 42 new types of malware detected in Q3, the majority are "designed to generate profit from SMS sending activities or by harvesting information found on the infected device." In this case, attackers attempt to force devices to send SMS messages to premium subscription services. This contrasts with F-Secure's Q2 Mobile Threat Report, which was dominated by driveby malware.