Android to become cyber criminals’ paradise, experts warn

2 Mar 2011

Android is the fastest-growing smartphone operating system on the planet and because of the ease with which anyone can upload programmes to the Android Market, it is becoming a prime target for cyber criminals, security firm BullGuard has warned.

Android is now the second-largest operating system for mobile phones, according to a new report from Gartner. And with sales of 6.8m units in 2009 and as much as 67.2m units in 2010, Android is the fastest-growing operating system.

On Android Market, where you can download thousands of applications for Android, anyone can upload their programmes without having to submit them to careful security checks.

This means they are not cleared before consumers get access to them, internet security company BullGuard warned. Hackers and computer criminals exploit this vulnerability and are creating apps that look harmless, but which contain spyware that can collect and transmit sensitive user information, such as passwords and bank details.

“Spyware doesn’t behave like a virus on a desktop computer,” said Philip Dall, mobile security expert with BullGuard.

“Spyware is designed not to disturb or destroy anything as its mission is to secretly obtain and transmit information without being detected. The information is then traded on a ‘black stock exchange’ where the going rate for credit card information is good, and subject to the same rules of supply and demand as on the legitimate markets,” Dall said.

Smartphones are becoming as intelligent as computers

The problem increases as smartphones become more and more intelligent. The hardware in new smartphones is becoming comparable to the hardware in a small laptop computer, and so consumers are increasingly using their phones to bank online, communicate with organisations and public authorities and generally make use of the same online services, which until now they have accessed from a stationary computer.

Consequently, the phones are packed with extremely sensitive data which IT criminals want to access.

“We’ve become accustomed to having an antivirus program on our computer, which also protects against spyware. But when it comes to mobile phones, there is virtually no awareness about the very same risks and few have a security program for their Android phone,” said Dall.

Dall said other mobile operating systems, like iPhone and Symbian, have a different policy to that of the Android Market, which makes for better security – but even so, malicious apps are not unheard of.

Dall recommends that Android users consider two basic security measures to stay safe: “First and foremost, you should think twice before you download applications by finding out who uploaded it, check which rights and actions the app wishes to make use of, and consider whether this sounds right or not. Secondly, you should install security software on your phone.”

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years