Ah, Android malware! Who doesn't love to dabble in the dark and dreary place where all the bad Android 'wares manifest?
Over the years, we have slowly watched the mobile space turn into a playground for malware developers. With smartphone penetration exceeding 50 percent of the mobile market here in the United States, it has gained the attention of malware developers who, otherwise, would have kept their efforts focused on desktop platforms. And with Apple's ecosystem thriving behind a walled garden and the rest of the mobile platforms barely a blip on the map, Android's fairly open system has become a breeding ground for Trojans, spyware and other malevolent bits of code.
Back in August 2011, Lookout Mobile Security published a Mobile Threat Report that alluded Android malware was experiencing a serious uprising. Monitoring over 700,000 applications installed on over 10 million devices, Lookout discovered that Android malware had increased by over 250 percent over a six-month period, meaning users' devices were two and a half more times likely to become infected with malware.
A report from November 2011 revealed that things weren't slowing down at all. Between July and November, Android malware increased 472 percent, according to a study performed by the Juniper Global Threat Center.
Since then, various reports have surfaced, all alleging the same basic idea: Android malware is a wild, out of control force that can't be stopped. Drop everything, folks, and purchase malware protection software for your Android smartphone right away!
Through all of this, however, you have to consider who is doing the majority of the research and who gains the most from the findings. Sure, readers may have become more enlightened by Lookout's Mobile Threat Report in late 2011. But Lookout is obviously fishing for more users and banking on the fact that they don't know just how out of proportion the numbers really are.
In essence, it's all a big sales pitch and I imagine there are a lot of biters out there.
The truth is, more recent studies show that Android malware is not quite as daunting and ominous as previous research has contended, so long as you download your applications from reputable sources. In mid-November, F-Secure released its Q3 2012 Mobile Threat Report, a 40-page document covering – in very fine detail – mobile malware and, of course, its status on Android. In search of more transparency, The Next Web asked F-Secure for more information. Following is the breakdown of what The Next Web found:
"Here’s what you have to know: out of the 51,447 samples discovered by the security firm last quarter, 28,398 were malicious samples, 146 of which came from Google Play, and 23,049 were potentially unwanted software (PUA), 13,639 of which came from Google Play.
This means that 55.20 percent of the samples were malware and the remaining 44.80 percent were risky. The difference is important: malicious apps intentionally cause harm to you or your phone, while risky apps do things like steal data, damage privacy, make payments, track web browsing, send your location, and so on.
More importantly, if only 146 of the 28,398 malware samples were found on Google Play, that means 0.51 percent were on the company’s store. This means most users, at least in countries where Google Play is available, won’t ever see these malicious apps."
That's right. If you stick to the Google Play Store and avoid applications that look or sound shady (check the permissions before installing, ladies and gents!), your chances of getting malware on your Android device are slim to none. Remember the Bouncer service Google announced earlier in February? It parses all files developers upload to the Play Store for common malware code.
No less, the "issue" abounds. And mobile security providers are not the only ones who seek to profit from this disproportionate tale. Yesterday evening, in yet another failed marketing attempt, Microsoft's official Windows Phone twitter account, windowsphone, asked its followers a seemingly naive question. The tweet reads as follows:
"Do you have an Android malware horror story? Reply with #DroidRage with your best/worst story and we may have a get-well present for you."
To say Microsoft's marketing attempt to call out Android on malware "backfired" would be quite the understatement. By the hundreds (maybe even thousands), Android users poked fun at the tweet, saying things like, "'Microsoft #DroidRage campaign boosted sales by 200% yesterday, analysts uncertain if that was two or three phones.'#OppositeOfWinning," by Twitter user stuckindystopia.
Needless to say, Microsoft, I have never had DroidRage from any sort of Android malware. In fact, the last time I came face to face with malware of any sort was about three years ago – the last time I used a Windows 7 machine. And I imagine those who have experienced DroidRage from Android malware are few and far between, considering they had to venture outside the Google Play Store to find said malware.
Microsoft, please do yourself a favor and take another tactic. Try not attacking the competition over a non-issue and focusing on bringing more phones to more carriers, more functionality to your own platform, more quality apps to your application catalog and building out your skimpy ecosystem before pointing fingers.
Malware aside, instead of DroidRage, I have WPRage because there is not a single Windows Phone 8 device I'm dying to have. Tell me, readers. Have you ever experienced DroidRage due to Android malware? Some other issue? Or have you been enraged over another platform instead?