Android Malware Epidemic Expected to Grow

Tech experts said the recent malware attacks infiltrating Android phones will not subside until a large enough number of users experience the frustration and inconvenience they cause.

According to a report released by Juniper Networks, Android malware has increased by a whopping 472 percent since July 2011.

"In addition to an increase in the volume, the attackers continue to become more sophisticated in the malware they write," the report stated. "For instance, in the early spring, we began seeing Android malware that was capable of leveraging one of several platform vulnerabilities that allowed malware to gain root access on the device, in the background, and then install additional packages to the device to extend the functionality of the malware. Today, just about every piece of malware that is released contains this capability, simply because the vulnerabilities remain prevalent in nearly 90% of Android devices being carried around today."

According to Juniper Networks, attackers know this and use it "to gain access to data and services that wouldn't otherwise be available."

Tim Armstrong, a malware researcher for Kaspersky Lab, and Senior Security Advisor with Sophos Chester Wisniewski, told SecurityNewsDaily that people generally do not take the proper precautions to avoid malware and do not care about the problem until it happens to them.

"Most consumers don't care until they get their first $1,000 phone bill because their pirated Angry Birds has been calling Estonia all month," said Wisniewski.

One of the main causes of the attacks is the fact that Google's application store model lacks a code and application review process ensuring that the application is safe and came from Google itself, which "makes it easy for attackers to distribute their malware," according to Juniper Networks.

Apple, on the other hand, owns and has complete control over the iOS operating system, which requires certain codes in order to distribute any software updates or applications, making it difficult for attackers to infiltrate the system.

Armstrong said consumers need to exercise the same amount of caution when downloading applications to their phones as they would if downloading a file to their computers.

"Take permissions, for example," he explained. "For years, we've been taught on the desktop to click and click through screens until an application finally installs. Compare this with the permission-request screen of an Android app install. Most users will not take the time to read or understand every permission and its consequences. They'll just click through to start using the app. End User License Agreements are a good example of this. Who has ever read a whole one?"