by RSS Karine de Ponteves  |  Nov 23, 2011  |  Filed in: Security Research

On 15th november 2011, Google's mobile operating system Android reached 52.5% of the global smartphone market share. And with it an almost sixfold increase in malware threats.

Gartner's share of worldwide 2011 Q2 smartphones sold to end-users by operating system.

Fortinet numbers show an increase of 83% for malware creation in 2011 compared to 2010 even though the end of the year has not been reached.

] Number of distinct Android samples received by Fortinet in 2011

The Top 5 malware families, in the number of variants, accounting for nearly half of Android malware found in 2011 include:

  • Geinimi: Android's first botnet.

  • Hongtoutou: A trojan wallpaper which steals IMEI and IMSI and includes an update feature.

  • DroidKungFu: Another botnet stealing private information.

  • JiFake: Fake Jimm (instant messenger) application which sends SMS messages to premium numbers.

  • BaseBridge: A trojan that sends SMS messages to premium numbers.

The main threats include information stealing and financial harm as cyber-criminals try to make money out of these malware.

It should be noted these malware are usually downloaded via the Android Market, either trying to pass as a legitimate application, but can be also found within legitimate application they have infected. A good example is Geinimi which could be found within the legitimate application "Sex Positions" and was downloaded more than 1 million times.

by RSS Karine de Ponteves  |  Nov 23, 2011  |  Filed in: Security Research