Is Google's Bouncer enough to deter Android hackers and malware developers?

Google’s Android is fast becoming the most popular mobile OS in the world. But the operating system’s security profile does not match its popularity - its open architecture and its ability to install applications from third party sources make it a target for malicious minds. Google’s recently announced ‘Bouncer’ program will increase Android security somewhat - but does it go far enough?

The mobile device industry has seen a very rapid expansion in the past year. According to Gartner, worldwide smartphone sales to end users soared to 149 million units in the fourth quarter of 2011, a 47.3% increase from the fourth quarter of 2010.

Total smartphone sales in 2011 reached 472 million units and accounted for 31% of all mobile devices sales, up 58% from 2010. Specifically, Android’s market share for worldwide smartphone operating systems in 2011 leads the competition, remaining strong at 50.9%, according to Gartner’s figures.

Unlike its main competitors Apple and Windows Phone, Android’s open architecture and the less restrictive requirements for third-party application development have made it the operating system of choice for hackers and application developers creating malware for a wide range of mobile phone and tablets.

The past six months has seen a significant increase in malicious activity on the Android front. With a choice of more than 400,000 applications at hand on the Android Market, it has opened a huge niche for cybercriminals.

Our Mobile Security statistics reveal that more than 100 new malware families were detected in 2011, compared to the 3 to 4 malware strains in 2010.

Among these newly discovered e-threats are both exploits that attempt to root the device and lay the ground for further malware and also highly advanced malware with polymorphic capabilities.

The biggest issue for consumers is the lack of threat monitoring. In order to tackle this, Google recently announced it would start providing automated scanning of Android Market for potentially malicious software. The new service, codenamed ‘Bouncer’, will perform a set of analyses on new applications, applications already in the Android Market and developer accounts. Once an application is uploaded, the service immediately starts analysing it for known malware, spyware and trojans. It also looks for behaviours that indicate an application might be misbehaving and compares it against previously analysed apps to detect red flags.

Securing the Android Market is definitely a good idea, but it doesn’t eliminate the need for a security solution installed directly on the device, as people want choices and will definitely install applications from other third party markets as well. According to our stats, only 0.5% of these malicious apps were found on Google’s Android Market.

There are several other websites from where Android users can install applications. In fact, most malicious applications we discovered were actually hosted on third party markets and not directly on Google’s Market.

In order to protect ourselves from mobile malware, consumers need to follow these steps:

• Never lose sight of your smartphone in public.
• Pay close attention to the applications they install and the permission requests.
• Be wary of cheaper look-alike applications.
• Always read the terms and conditions before purchasing the app.
• Be mindful that, once information is on its way to the cloud, personal data can no longer be controlled.
• Install mobile antimalware software on your phone.

As a security company, we welcome Google’s step toward better security in the Android Market. While admitting that mobile malware is a problem will definitely raise awareness among users, we strongly believe the phenomenon will not stop here.

Based on our experience with malware analysis, malware writers will seek a way around security. It’s estimated that, by the end of 2014, mobile Internet usage should overtake desktop Internet usage and threats related to social networking, e-banking and everything else will increase accordingly, making Android security an imperative.

*Alexandru Balan has extensive experience in envisioning and designing products for a broad array of platforms and target audiences. He has more than six years’ experience in product management and marketing and more than 10 years in the security field, working closely with research, development, marketing, design and sales.