F-Security Finds 51,447 Android Malware Apps in Q3

The fight for privacy and data protection is fierce in the mobile market, and unfortunately for Android the results aren’t looking good. Being the most popular mobile OS on a global scale attracts malware, which, according to F-Secure’s latest mobile threat report, has spiked during the third calendar quarter.

F-Security Android Malware

To put that into numbers: F-Secure detected a “whopping 51,447 unique samples” in Q3, up from 5,033 in the second quarter and 3,063 in the January to end of March period. The huge growth has happened despite Google’s efforts to ensure its users that Android is a secure mobile OS: it introduced an additional security layer to the Google Play store, and acquired an online virus and malware scanner company, VirusTotal.

However, an interesting fact spotted by TechCrunch in the F-Secure report is that most of the malware code was detected in third-party app markets in regions such as China and Russia. From this perspective, it is a clear push towards the Google Play store, which apparently now has all the necessary tools to ensure its users a secure marketplace.

“The surge may better be attributed as a natural consequence of the continued high growth in Android smartphone adoption this quarter, particularly in regions such as China and Russia. In fact, in Q2, China officially surpassed the United States as the largest market for smartphones, with Android handsets accounting 81% of that market.”

“These expanding markets have also been notable for the proliferation of less-secure third-party apps markets, which are popular with users for various reasons. This factor may also account for the increasing number of malicious samples seen this quarter.”

You may recall, that Google has initiated several moves to push its Play store towards a more App-Store-like mobile application marketplace, and these reports are clearly helping its efforts.

Yet Google Play isn’t the only mobile app store affected by security concerns. Earlier this year, a Romania-based antivirus company’s application was removed from the App Store, because it scanned applications for “malware”. What the “Clueful” app could find — before the launch of iOS 6, where Apple has tightened the screw of privacy and data/user protection — after scanning about 65,000 apps, was that 42.5% of apps don’t encrypt users’ personal data even when accessed via public Wi-Fi, and that about 20% of apps have access to Address Book.

An earlier mobile security report signed by Juniper didn’t find any malware in the App Store, but highlights some iOS-related issues:

“While malicious applications on the iOS platform are limited in large part due to Apple’s closed application marketplace and stringent screening model, it does not necessarily make it fundamentally more secure. For one, when a user ‘jailbreaks’ their device by removing the limitations on the operating system, the device can be susceptible to malicious applications downloaded from third-party sources.”

What is your take on mobile privacy and security? What kind of app(s) do you use for data protection? Share the knowledge in your comments.