SOFTWARE DEVELOPER Google's Android mobile operating system is so beset by cyber criminals creating malicious apps that the malware is on track to hit the million mark before the end of 2013, Trend Micro has warned.
The news is in the security firm's second quarter Security Roundup Report, which reveals that the number of malicious Android apps surged by 350,000 in the first half of 2013, hitting a total of 718,000 by June this year.
Trend Micro said that this was attributable to hackers seeking to exploit Android's growing global user base.
"Google's open Android ecosystem continues to be exploited by cyber criminals, with the number of malicious apps rising from 509,000 in [the first quarter of] 2013 and well on track to hit the million mark before the year is out," the Trend Micro report said, adding that the majority are packaged to look like popular smartphone apps.
"Malware has even been found on the official Google Play store, making security software no longer a nice-to-have for Android handset owners but an increasingly essential tool to prevent malicious app downloads."
The most common malicious apps accounted for 44 percent of the overall number found, and worked by subscribing users or using services without their knowledge, such as sending premium rate texts with the malware developer pocketing the profit.
At 24 percent, the second most common malicious apps were those that stole data, followed by adware and apps that download more bad content.
This data stealing malware is on the rise thanks to the fractured nature of the Android user base. Because it is difficult for patches to reach all users in an effective timeframe, some users will never get patches as vendors leave their customers at risk of attack, the report claimed.
The security company noted that this threat will continue to grow rapidly until smartphone vendors realise the urgent need to protect users the same way PC vendors do their users.
"At the rate this malware is accelerating - almost exponentially - we appear to be reaching a critical mass," the report warned.
The growing number of malicious toolkits being made available on the online black market for free or via two for one and other deals, was also observed in the report.
"Making toolkits more affordable in this way will increasingly democratise the means to launch attacks and cause havoc for internet users and businesses."
Trend Micro advises that third party security software is essential to prevent malicious downloads, which are increasingly coming from users visiting fake or compromised websites. µ
Sign up for INQbot – a weekly roundup of the best from the INQ