How Android Malware Evolved Over Q2 2015

The recently released Quick Heal Quarterly Threat Report for Q2 2015 had some interesting trends and insights into the IT security industry. The report highlights in-depth statistics and analysis of all malware samples that were detected in the months of April, May and June 2015. The platforms that were studied for the purpose of this report were Android and Windows and it is very interesting to see how several malware strains have now become common over both these platforms.

Threats like ransomware and Adware, which have previously afflicted thousands of Windows PCs worldwide, have now become a common occurrence over Android smartphones and tablets as well. Moreover, Android users are also subjected to several additional security risks such as:

• Device loss or theft
• Fake apps on trusted sources like Google Play
• Snooping over free and insecure Wi-Fi access points
• Hacking into sensitive data stored in the cloud

Key findings of the Quick Heal Threat Report Q2, 2015 for Android

• The Quick Heal Threat Research Labs received 500,000 Android malware samples per month in this time period. This represented a growth of 16% over Q1, 2015.
• Out of these detected samples, 170 new Android malware families and 232 new variants of existing malware families were detected.
• Android Adware continues to dominate the malware charts with a 67% stake in the detected samples count, highlighting how malicious and intrusive ads are primary propagation methods.
• The most prominent Android sample from Q2 was Android.Airpush.G which is a type of Android Adware. This sample constituted a whopping 49% of all detected samples.
• Analysis of several pre-installed apps on new devices has also led the Quick Heal Threat Research Labs to conclude that many devices are equipped with spyware straight from the factory.

Future trends for Android over the coming months

BYOD policies to be targeted in the next quarter

Bring Your Own Device (BYOD) policies have now allowed enterprises to manage the ever increasing usage of employee smartphones and tablets. Malware authors are also now well aware of this trend and are doing all they can to leverage the inherent weakness of this policy. By intercepting insecure personal devices, malware authors are stealing corporate data and intellectual property. Such types of trends are expected in the upcoming quarters.

More mobile devices with pre-installed spyware

The Quick Heal Threat Research Labs have analyzed several pre-installed apps on new devices and have found that these devices were equipped with spyware apps from the factory itself. This raises concerns about the in-built and pre-installed apps that come loaded on new devices in the market. We expect more such cases to come to the forefront in the near future.

Continued dominance of Adware on Android devices

Adware has been a leading source of malware and security concerns on Android devices over the last few years and this is a pattern that is expected to continue in 2015 as well. Adware variants are not going anywhere and they are expected to evolve further and persistently play a leading role in detected Android malware samples. In the second quarter of 2015, we discovered 17 new variants of Adware families and this indicates the upward trajectory of this malware family.

The Quick Heal Quarterly Threat Report Q2 2015 highlights the rising threats of malware over the immensely popular Android computing platform. With such large numbers of malware samples involved, the need for security awareness and effective security measures is now higher than ever. Additionally, the evolving nature of malware and the various devices that they can propagate on should also make Android users wary about every single tap that they make on their smartphone.