“Massive” spike in Android malware reported

It’s not just Tibetan and Uyghur activists who need to worry about the security of their Android smartphones, though they should definitely be worried. Security firm McAfee’s threat report for the first quarter of 2013 shows a “massive increase” in new Android malware that began late last year.

More than 14,000 samples of Android malware were discovered in the first quarter of 2013 on top of the nearly 16,000 in the fourth quarter of last year. By contrast, at the end of 2011 McAfee reported only handfuls of new Android malware.

Hackers had been using apps as their main malware avenue for Androids, but McAfee says the tactics are shifting toward spam, phishing emails and SMS messages.

For the Uyghur activists who are seeking more freedom for their brethren in China, the malware arrived via a phishing email inviting users to attend the “World Uyghur Congress.” When a user clicked to register, malware began recording the user’s latitude and longitude and stealing phone contacts and call records, according to McAfee.

The malware offensive against the activists was first reported by McAfee and others in March.

McAfee is warning businesses and employees -- not just activists with Android phones -- to be cautious. Brent Conran, McAfee’s chief security officer, counseled selectivity when deciding who should be allowed to use a personally owned device for work. “Bring your own device probably isn’t a good idea for the legal department. It’s probably not a good idea for research and development. Maybe it’s a good idea for the sales force,” Conran said in a media briefing.

McAfee executives aired two schools of thought about why malware is more prominent among Android users than among iOS users.

One reason could be the large Android “footprint” around the world, which spells a potentially lucrative market for hackers who are showing more attention to returns on their investments. For example, hackers now regularly re-use malware. Another reason for the disparity could be that the Android operating system is an open platform, “whereas the Mac side of the world does some vetting of their apps,” said Phyllis Schneck, chief technology officer for McAfee’s public sector work.

Schneck suggested that iOS users shouldn’t become complacent. “Will that (disparity in malware attacks) level off? Probably,” she said.

The new report doesn’t assign attribution for the offensive against the activists or chime in about the allegations of Chinese government espionage against U.S. businesses. It examines the locations of servers without attribution.

North America -- “chiefly the United States” -- is home to the most servers hosting malware and suspicious content, according to the report.

In the Asia-Pacific region, Hong Kong has more servers hosting malicious content than does the rest of China.

More from the “McAfee Threats Report: First Quarter 2013”:

Fast success for new European Cybercrime Centre, EC3 >> “Most of the police successes we noted during the quarter involved EC3.”

Curious origin for some phishing urls >> “We were surprised this quarter to find Antarctica on this list!”

Spam’s big comeback >> “We counted 1.9 trillion messages in March. That’s lower than record levels but about twice the volume of December 2012.”

Not the piece of the pie you want >> “The United States regained the largest piece of the pie (35 percent) among countries hosting the most PDF exploits this quarter, as South Korea dropped from first place to fifth. China, with 11 percent, held onto second.”

Skyrocketing mobile malware >> “Our count of mobile malware samples, just about exclusively for the Android OS, continues to skyrocket. Almost 30 percent of all mobile malware appeared this quarter.”