Everyone loves an operating system that’s open source since it offers many additional benefits that something like Apple’s iOS doesn’t, but there’s always a drawback to what everyone loves. When it comes to Google’s Android, it’s malware — and more than just that of the average PC’s quantity. Juniper Global Threat Center published a report on Tuesday detailing the tremendous growth in malware on Google’s mobile operating system. According to the research that threat center conducted, Android has experienced a 472% escalation in malware samples since July of this year, with the largest months of growth being October and November. This makes you wonder, how is it possible for such an egregious thing to happen to the innocent little green robot? Keep reading to find out.
The main reason for such an increase in security threats is the process by which developers get their apps onto Google’s Android Marketplace. It takes a matter of minutes — and a few dollars ($25) — to complete the developer registration process, which anyone can do. Once a malicious individual has completed his registration, all he has to do is develop a malevolent app and trick users into downloading it. If the users fall for this, then it’s over. All of their “protected” information can be stolen because Google doesn’t operate an app review process like Apple does on their App Store. The malicious apps can vary from keyloggers to privacy-invading apps that take use of your phones camera to apps that completely destroy your phone and steal all of your data. The possibilities don’t end here, either.
This process is a perfect way to attract developers and attain many additional apps on a platform, but it’s a terrible way to retain security. The small $25 one-time fee is welcoming to developers who wish to submit their apps to a rapidly growing platform, especially when compared to Apple’s $99 fee to become an iOS developer. However, it would be much, much better if Google were to institute a slightly higher fee to support some extra staff that will act as the review team for newly submitted apps.
While a more secure way to run things would be by using an approval process, it’s definitely not the perfect method. Apple’s review team has missed things before and they will continue to do so because there’s absolutely no way to keep out every attempt. But small issues like this never render the process useless since Apple’s platform still remains to be far less polluted than Android. If Google took Apple’s example, then the chance of their mobile users being swarmed with malware would not take place at such magnitude as it does today.
With no upfront review process, no one checking to see that your application does what it says, just the world’s largest majority of smartphone users skimming past your application’s description page with whatever description of the application the developer chooses to include.
The main reason for the malware epidemic on Android is because of different approaches that Apple and Google take to police their application stores. Android’s open applications store model, which the lacks code signing and an application review process that Apple requires, makes it easy for attackers to distribute their malware.
If you own an Android device and are concerned about your security, then please head over to Juniper Global Threat Center’s article for more in-depth information.