“This past year can be viewed as the year of Android malware with more than 9,000 escalations, clearly illustrating the exponential growth of threats targeting this platform,” said Paul Lipman, CEO at Total Defense.
“The rise of Android malware opens up an interesting debate about security architectures and the merits of open versus closed systems. While users have the ability to install any code, from anywhere, the problem is that criminals see this as an advantage too,” he added.
The report identified and analyzed the most notorious Android malware in 2011 that used social engineering tricks to lure users:
AndroidOS/Foncy: an SMS-Trojan that differentiates itself from others in this category by choosing different destination message centers based on country code.
AndroidOS/Dogowar: a Trojan created by malware authors socially motivated to stop animal cruelty.
AndroidOS/Fakeneflic.A: a Trojan belonging to the InfoStealer category that tricks users by disguising itself as popular software that requires login credentials. If the user is successfully tricked, the entered credentials will be posted to a hosted website.
AndroidOS/WalkSteal.A: a unique SMS-Trojan created with the intention to “teach” a lesson to the users who are interested in using pirated applications.
AndroidOS/FakePlayer.A: an SMS-Trojan that uses a familiar social engineering trick of disguising as a media player. When executed, it sends four SMS messages to a premium number.
AndroidOS/Golddream.A: a Trojan that disguises itself as gaming applications where upon it monitors and records information about incoming/outgoing calls, incoming SMS messages in plain text files that is uploaded to a hardcoded URL.
“The malware landscape is changing at a rapid pace with cyber-criminals producing new malware variants at an exponential rate,” said Lipman. “The proliferation of consumer digital devices for convenient Internet access coupled with our global socio-economic climate continues to serve up a perfect storm for online criminal activity. Our goal is to empower end-users with solutions that can provide them complete protection in this dangerous digital world.”