The battleground of malware no longer just Windows as Android users get hit

The battleground of malware no longer just Windows as Android users get hit

When it comes to things like viruses, trojans, and other forms of malware Windows has always been the biggest bulls-eye in the computing world. Both Mac and Linux have claimed that because of the way that they are coded it is next to impossible for those platforms to become infected.

Of course anyone with half a brain would be able to also point out that the whole point of malware was to infect the broadest number of computing devices as possible and that up until recently neither Mac OS X nor Linux had a big enough platform footprint to make them worthwhile targets.

That of course has changed with the proliferation of smartphones and other mobile computing devices. We are already see, as both the Mac and iOS powered devices increase their marketshare, that contrary to pontificating Apple fanbois blatherings these two Apple platforms are now in the sights of malware creators.

This only left Linux, which like Mac OS is just another off-shoot of the UNIX platform, as the virgin territory for malware writers, that was until Android, which is based off of Linux, came along.

Android powered mobile devices have taken a commanding lead in sales and don’t look to be slowing down anytime soon and it is because of this popularity that Android users will start finding themselves as a great big target for malware infections.

A prime example of this happening is the latest report that according to Lookout Security there are between 30,000 and 120,000 Android users infected with a brand new variation of the already in the wild called Droid Dream.

This new variation, thought to be written by the same developers, is called Droid Dream Lite and is known to have infected over 50 applications, which Google has apparently removed from the Android Marketplace.

While the name of the malware might seem to be “harmless” it is in fact even more dangerous that its fore-bearers, as outlined by Sara Perez at ReadWriteWeb:

Droid Dream Light is a stripped down version of the original DroidDream, says Lookout. Its malicious components are invoked upon the receipt of a “android.intent.action.PHONE_STATE intent” – for example, an incoming phone call. That means that this variant is not dependent on the manual launch of the malicious application in order to trigger it into action. Instead, explains Lookout via blog post:

The broadcast receiver immediately launches the <package>.lightdd.CoreService which contacts remote servers and supplies the IMEI, IMSI, Model, SDK Version and information about installed packages. It appears that the DDLight is also capable of downloading and prompting installation of new packages, though unlike its predecessors it is not capable of doing so without user intervention.

In other words, despite the malware’s designation of “Light,” in some ways it’s actually more malicious as it requires no user actions to take place in order for it to launch.

As much as some Apple and Android fanbois might want to bury their heads in the sand the fact is that the Windows only party is over. Malware authors now have more targets to aim for and those targets will only get bigger as Apple and Android products continue to surge ahead in sales.

Comments