Security Experts:

Trend Micro Says Android is Under Siege

According to its security roundup for Q3 2012, Trend Micro says that the number of high-risk and overall dangerous applications targeting the Android platform is more than five times the size it was last quarter.

The security firm says that the number of Android threats climbed from 30,000 in June, to 175,000 in September. While some apps are clearly criminal, Trend said, like those that secretly purchase premium smartphone services, others are more of a privacy threat. The privacy risk comes from the "Aggressive Adware" apps, which collect more personal information than the user has authorized.

Further, their findings suggest that application developers may even be aware of the problem, thanks to the existence of rogue ad networks, and users are often left wide open to attack, given that 80% of them use no additional security on their device. The most common attack method, when it comes to malicious Android applications, is the fake application.

These knock-off programs often claim to be the real thing, but come packaged with various malware. In the top ten list of the most commonly seen Android malware, the fist and second place finishers accounted for more than 50,000 attacks since June.

"It's actually no surprise that we see such a huge increase in mobile malware," said Raimund Genes, CTO, Trend Micro. 

"Android is the dominant smartphone platform with an amazing success story. The digital underground reads the statistics and analysts reports as well, and they figured out way to make money with mobile malware," Genes added. "And unlike your computer, getting information from your phone also reveals your location, the phone numbers you have called – and more – all stuff which could be sold."

In addition to mobile threats, the report also covers other incidents that have taken place in the last few months, including the latest version of the Blackhole Exploit Kit. Since its release last month, it has systematically targeted social networks, as well as financial properties, in an effort to infect mass amounts of users.

The full report from Trend Micro is available here in PDF format.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.