Android is now the second largest operating system for mobile phones, according to a new report from Gartner. And with sales of 6.8 million units in 2009 and as much as 67.2 million units in 2010 Android is the fastest growing operating system. This makes Android a prime target for computer criminals, according to internet security company, BullGuard.
Using spyware applications from Android Market, thieves are able to harvest personal information and then sell or use the details to drain credit cards, for example.
Android is about to become the most widely used OS on mobile phones, but with Android comes a security vulnerability that few users take into account. On Android Market, where you can download thousands of applications for Android, anyone can upload their programs without having to submit them to careful security checks. This means they are not cleared before consumers get access to them, states BullGuard.
Hackers and computer criminals exploit this vulnerability and are creating apps that look harmless, but which contain spyware that can collect and transmit sensitive user information such as passwords and bank details.
“Spyware doesn’t behave like a virus on a desktop computer. Spyware is designed not to disturb or destroy anything as its mission is to secretly obtain and transmit information without being detected. The information is then traded on a ‘black stock exchange’ where the going rate for credit card information is good, and subject to the same rules of supply and demand as on the legitimate markets,” said Philip Dall, mobile security expert with BullGuard.
The problem increases as smartphones become more and more intelligent. The hardware in new smartphones is becoming comparable to the hardware in a small laptop computer, and so consumers are increasingly using their phones to bank online, communicate with organisations and public authorities and generally make use of the same online services, which until now they have accessed from a stationary computer. Consequently, the phones are packed with extremely sensitive data which IT criminals want to get hold of.
“We’ve become accustomed to having an antivirus program on our computer, which also protects against spyware. But when it comes to mobile phones, there is virtually no awareness about the very same risks and few have a security program for their Android phone,” said Dall. Other mobile operating systems like iPhone and Symbian have a different policy to that of the Android Market which makes for better security – but even so, malicious apps are not unheard of.
Dall recommends that Android users consider two basic security measures to stay safe: “First and foremost, you should think twice before you download applications by finding out who uploaded it, check which rights and actions the app wishes to make use of, and consider whether this sounds right or not. Secondly, you should install security software on your phone.”