Android malware is becoming increasingly prevalent and sophisticated, according to new reports by Trend Micro.
The security firm says that “newer and more complicated Android malware variants are expected to emerge, along with the rising number of malicious [...] apps.”
Recent research showed that 3.5 new threats to the platform are created every second and that the amount of discovered malware grew by 1410% in the first half of this year.
Threats vary from malicious downloaders to data-stealing malware and also include premium services and advertising fraud.
Trend says that malware targeting Android continues to improve in terms of performance, and it’s getting better at “using new techniques to thwart analysis and to avoid detection.”
One recent discovery comes in the form of an e-book reader which can be downloaded from a third-party app store.
The app asks the user to allow a fairly ridiculous set of conditions in order to be installed, including the ability of the app to read, edit and receive SMS and MMS.
It also requests that it be given permission to read and write contact data, have full internet access, read the phone identity, modify the contents of the SD card and directly call phone numbers and send messages.
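The permission set described above can be checked mechanically. The following is an added example, not code from Trend Micro or the original article: it audits a constructed manifest for the listed requests. It assumes the manifest has already been decoded to text XML, that the article's wording maps to the standard `android.permission.*` names shown, and that the baseline for an e-book reader is a hypothetical one.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
PREFIX = "android.permission."

# Assumed mapping of the article's permission list to Android permission names.
RISK_GROUPS = {
    "sms_mms": {"READ_SMS", "WRITE_SMS", "RECEIVE_SMS", "RECEIVE_MMS", "SEND_SMS"},
    "contacts": {"READ_CONTACTS", "WRITE_CONTACTS"},
    "telephony": {"READ_PHONE_STATE", "CALL_PHONE"},
    "network": {"INTERNET"},
    "storage": {"WRITE_EXTERNAL_STORAGE"},
}
# Hypothetical baseline: what an e-book reader plausibly needs.
EXPECTED_FOR_EBOOK_READER = {"INTERNET", "WRITE_EXTERNAL_STORAGE"}

# Constructed sample manifest (package name is made up).
_REQUESTED = sorted(set().union(*RISK_GROUPS.values()))
SAMPLE_MANIFEST = (
    '<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
    'package="com.example.reader">'
    + "".join(f'<uses-permission android:name="{PREFIX}{p}"/>' for p in _REQUESTED)
    + "</manifest>"
)

def requested_permissions(manifest_xml):
    """Return the short names of all android.permission.* entries requested."""
    root = ET.fromstring(manifest_xml)  # only parse manifests from a trusted decoder
    perms = set()
    for el in root.iter("uses-permission"):
        name = el.get(ANDROID_NS + "name", "")
        if name.startswith(PREFIX):
            perms.add(name[len(PREFIX):])
    return perms

def audit(manifest_xml, expected=EXPECTED_FOR_EBOOK_READER):
    """Flag permissions beyond the baseline and risky capability combinations."""
    perms = requested_permissions(manifest_xml)
    extra = perms - expected
    private = RISK_GROUPS["sms_mms"] | RISK_GROUPS["contacts"] | RISK_GROUPS["telephony"]
    return {
        "unexpected": {g: sorted(extra & m) for g, m in RISK_GROUPS.items() if extra & m},
        # Network access plus private data means the data can leave the device.
        "can_exfiltrate": "INTERNET" in perms and bool(perms & private),
        # Sending SMS or placing calls without user action can cost money.
        "can_incur_charges": bool(perms & {"SEND_SMS", "CALL_PHONE"}),
    }

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST))
```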
Analysis of the app showed that it connected to two servers in order to receive commands and deliver payloads.
The second server was for an encrypted blog site, which caught the attention of researchers as it’s the first time they have seen Android malware which has “implemented this kind of technique to communicate.”
Further analysis showed that the blog held six encrypted posts which contained backup command-and-control server URLs.
Further binaries named _test had been added between July and September, suggesting to researchers that the malware is still under development.
Once the posts in the blog had been decrypted, it was found that the files were just different variants of the same file.
The differences found revealed that newer versions of the malware “had the capability to display notifications that attempt to trick users into approving the download of an update.”
Later versions also showed the capability to kill four security products.
Whilst Trend says that the use of blogs relating to malware activity is nothing new, this is the first time it has been found in Android malware, which is “another sign of continued development and proliferation.”
To protect against security threats on an Android device, users should only download from trusted sources and ensure they have security software installed.
It is also wise to ensure auto-connect to Wi-Fi is turned off and to use the security features that come with the phone, such as a security PIN.