Android Becoming Prime Target for Malware Makers

Attacks on Android by malware writers have jumped by 76 percent over the past three months, making it the most assaulted mobile operating system on earth during the period, according to a report by cybersecurity solutions maker McAfee.

While malware targeting Google’s mobile operating system increased substantially from the first to the second quarter of this year, the amount of malicious software for Android still lags behind that written for the Symbian OS and Java ME. With Symbian slowly dying out, however, that will no doubt change, as McAfee’s numbers suggest.

The rapid rise in Android malware in the second quarter “indicates that the platform could become an increasing target for cybercriminals–affecting everything from calendar apps to comedy apps to SMS messages to fake Angry Birds updates,” McAfee said.

McAfee’s findings reveal that malware makers are abandoning a sinking ship–Symbian–for a more seaworthy vessel–Android. They no doubt have set their eyes on the mobile transaction market that is expected to grow in the coming months. Much of that growth is expected to be fueled by Google and its controversial “wallet” for Android phones.

Another disturbing development McAfee researchers observed was the increase in attacks on Apple systems. Those attacks most often took the form of fake antivirus offerings. “Apple’s OS X has been mostly ignored by malware writers for years, so this represents a significant change of target for cybercriminals,” the report said.

McAfee’s researchers said they were unsurprised by that development, however. “There are more Mac users than ever before as well as steady business adoption,” they reported. “This puts the Apple platforms squarely in the crosshairs of malware authors. It will be interesting to see if this type of malware makes its way to the iPhone and iPad as well. It is probably a case of ‘when’ rather than ‘if.'”

The report also contains a summary of what McAfee considers “cyberwar” attacks during the quarter. They included:

• A Distributed Denial of Service in March targeting a group of Russian bloggers, including President Dmitry Medvedev, on LiveJournal.
• A cyberattack on the Norwegian military in March in which 100 senior military personnel received an email message with an attachment that appeared to come from another government agency.
• Temporary shutdown of the Internet connections at the Oakridge National Laboratory in April after a sophisticated cyberattack was discovered being spread through phishing email messages.
• A breach in May of South Korea’s National Agricultural Cooperative Federation, which delivers supply, processing, marketing, and banking services to more than 4000 branches in the country.

The report also noted that during the first six months of the year, Microsoft products have lost their charm for malware writers while Adobe’s offerings continue to gain in popularity. “This trend does not prove that Adobe’s technologies are more vulnerable or have more coding bugs than Microsoft’s,” the report said. “Rather, Adobe is one of the clear leaders in worldwide client applications, and this leadership is what drives malware authors and cybercriminals: They target what is popular and in wide use.”

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.