The U.S. Home Land security Department along with FBI has prepared an internal bulletin on Security breaches and attacks on Android mobile devices. According to the bulletin Android accounts for 80% of the mobile Os market . Android has an open source architecture and is easily customizable, this major business and technical difference is its advantage and is also becoming a serious threat. Criminals are misusing this fact to steal personal data, uploading fake applications of premium services and hacking banking details. Out of all 44% of the Android users are still using Gingerbread and this version 2.3.3 and 2.3.7 released in 2011 has the worst code to prevent virus and malware attacks . Whereas Google has started taking necessary steps in in its recent Jelly bean which allows users to remove suspicious apps .
Next to Android Symbian is the most affected but , this number might belong to those customers who still use a feature phone and will most probably will change to a smart phone in near future. Apple has a strict screening of applications before publishing it on the app store. This quality control measure of Apple makes it the most safest mobile Os which is popular as well. We can say this even after Windows Mobile and BlackBerry having only 0.3% because the number of apps in their Markets are very less compared to Apps in App store . we should not forget that Apple was the first to introduce App market.
According to a research by Kaspersky some insights about threat distribution in Various Android Mobile Os versions are shown below
The 2.3 and 2.2 versions collectively are affected as compared to the latest version. Security standards should be a major index to be kept in mind while designing new versions and supposedly Google has taken some initiatives to check this inconsistency. It is planning to D
Some of the major malware which has been identified by the bulletin are
- SMS Trojan: sends messages to premium rated numbers owned by criminals leaving the user with heavy mobile charges.
- Rootkits: logs the user’s locations, key strokes and passwords without his knowledge.
- Fake Google play domains: Tricks user to install malicious applications that enable criminals to steal financial data and user log in details.
Some third-party security applications are available on market which can solve the problem but Android has to take bare minimum steps to block and remove malicious apps from market itself .
This problem as such is not a concern of Home Land security department but since many local , federal and state authorities in US are using Androids , their intervention is justifiable.