Another day, another bit of bad news for Android security.
Smartphone security firm Lookout Mobile Software said yesterday (Aug. 2) that the number of Android apps infected with malware increased from 80 at the beginning of January to 400 by the end of June.
Meanwhile, Android users are just as clueless about malware as are iPhone users, according to a survey released yesterday by gadget retailer Retrevo.
But there's a silver lining. Security giant Symantec said today (Aug. 3) that Android handsets differ from each other so much that at least one call-recording piece of spyware simply won't work on most of them.
Lookout's report estimated that up to 1 million Android users were hit by malware in the first six months of 2011, and speculated that 30 percent of all Android users will "encounter" Web-based (as opposed to app-based) malware this year.
Many infected apps, Lookout notes, are actually legitimate ones that have had their code stolen and altered by criminals. The infected apps are then re-released to the Android Market and "off-road" markets not controlled by Google.
Some Android users are savvy enough to watch the permissions a new app demands before it's installed. There's no reason a game needs to send text messages or read your address book — such demands are red flags that malware may be involved.
However, notes Lookout, malware writers have a new trick. Some new infected apps actually install cleanly — and then incorporate dirty malware during updates, which for many users take place automatically.
Android has two main security weaknesses: First, unlike Apple, Google doesn't analyze the apps in the official Android Market before they're released to the public.
That's how DroidDream, one of the most serious Android Trojans, was able to hide in the Android Market for weeks.
Google used its "kill switch" to remove DroidDream-infected apps from phones that had downloaded them from the Android Market, but it couldn't do much about handsets that had gotten infected apps from elsewhere.
That's Android's second weakness. You can get apps from anywhere, including fly-by-night websites with no accountability.
Again, that’s not a problem with Apple. It "locks" its iOS devices — iPhones, iPads and the iPod Touch — to only get apps from the iTunes Store. Many users "jailbreak" their devices to run unauthorized apps, but even then only certain modifications will open the door to malware.
You'd expect Android users to be aware of the heightened security risks their phones run when compared to Apple users. But the Retrevo survey found both groups to be pretty dim.
Only 36 percent of iPhone owners were aware their phones could catch a virus, while even fewer Android owners — 32 percent — believed the same about their own phones. That leaves a lot of people who presumably don't think they need anti-virus software on their smartphones.
...can be beneficial
However, Android may have an advantage in the sheer number of different phones it runs on. Apple's iOS runs on only three devices made by one company, but there are scores, if not hundreds, of Android-capable smartphones and tablets made by a couple of dozen different companies.
Many of those companies tweak, add onto and subtract from the Android operating systems they install on their devices, and many of them pass the devices on to cellular carriers that tweak them even more.
The result is a wildly fragmented Android universe in which some apps will run on all devices, but many will run on only some devices.
That applies to spyware as well, as Symantec researcher Irfan Asrar found when he took a closer look at a recently discovered app that was created to secretly record phone calls and transmit call data to a remote receiver.
Other security researchers classified the app as a Trojan; Asrar believes it was actually created for a spouse to spy on a wayward partner.
The app ran perfectly in a PC-based Android emulator. But when Asrar installed it on actual handsets, all but one of them crashed.