Turns out Marvin had something to be paranoid about.
The famously dour robot may be a work of fiction, but the danger to his android counterparts in our world is all too real. Devices using the Android operating system are a prime target for attacks, which have increased by 151% since the beginning of the year, new research from Malwarebytes finds.
Making a dent. Malwarebytes Senior Director of Technology, Engineering, and Consumer Privacy Shahak Shalev told IT Brew that those numbers indicate attackers are finding success targeting Android, which is used by almost 4 billion people worldwide. The operating system dominates the global market, responsible for over 70% of users and dwarfing its competition, iOS. Going after Android makes sense just as going after Windows rather than Mac computers made sense a decade ago, he explained.
“We’re seeing that now with Android, and I believe it will continue to rise,” Shalev said.
The triple-digit percentage increase is notable enough in its own right, but there are even more staggering numbers in the research. Between April and May, Malwarebytes tracked a 692% increase in SMS-based malware. Shalev noted the increase is due in part to the use of AI in text-based personalized phishing messages and the access to dark web data that can leave users more susceptible to attack.
“AI is a very good enabler for that, and, more importantly, for the scale of it,” Shalev said. “They can easily run multiple agents and do not slip.”
So long. While the numbers are eyebrow-raising, Android being open to attacks is not unexpected. Security research group Dr.Web highlighted the danger of adware on the Google Play Store, and a recent analysis from PRODAFT found that Android devices are being infected by malware-as-a-service.
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
“There are very few apps that actually need to read your screen or need to access data of other apps,” Shalev said. “I think they can really double down over there, or even a periodic checkup telling you, ‘Hey, this app has a lot of permissions. Are you sure you still need that?’”
In June, Zimperium VP of Global Solutions Kern Smith told IT Brew that the mobile security firm’s report on Android vulnerabilities found privilege escalation a real danger—and one that he warned threat actors are increasingly adopting a “mobile-first attack strategy.”
“If I know that if somebody buys this type of device, there is a set of applications that are always going to be installed on that device…I’m going to focus my investigation to find vulnerabilities on that subset of applications,” Smith told IT Brew.
Superhighway. Android is just part of the overall threat surface, Shalev told IT Brew, and unsurprisingly, protecting against the danger requires the same level of basic security hygiene as most threats. But when you’re seeing a nearly 700% increase in text-based phishing attacks?? That’s time to protect your digital footprint.
“People should be aware that their data out there is being used against them and that they should consider other types of protections, like safe browsing, scam protections outside of the mobile world, including mobile itself,” Shalev said.