Android and Java: Top Targets for Malware and Compromise in 2013


According to a recent publication by Cisco, Google’s Android mobile platform is the target of 99 percent of mobile malware across the globe, with little sign of slowing. Cisco revealed this stunning statistic in the 2014 Annual Security Report published in January, the findings of which should alarm Android users to the core.

The report details how the Andr/Qdplugin-A malware set was amongst the most common, responsible for 43.8 percent of known attacks against the platform. Cisco further reported how Android malware sets are rapidly spread throughout the community as Trojanised applications, designed to look like legitimate, safe apps on third-party marketplaces. It is believed that the open nature of Android devices and the marketplace directly contributes to the fast spreading rate of malware on the platform.

Furthermore, Cisco believe that the size of Android’s user base makes it one of the most attractive targets for hackers. Because it is an open platform with an uncharted number of iterations and configurations, mitigating some of the exploits on this platform is highly improbable. As new exploits are designed daily, Android users may rapidly find themselves fighting a losing battle unless they are careful with the kind of apps they are downloading.

The open nature of Android allows developers the opportunity to alter the underlying operating system and create applications and marketplaces beyond the control of Google. This provides very little in the way of control, and some marketplaces are known specifically as places where malware is spread easily across the globe. Users downloading apps from these marketplaces will quickly find themselves compromised, as Cisco’s report suggests.

This statistic is not surprising, given that 79 percent of all mobile malware was attributed to Android in August 2013 in a report issued by the US Department of Homeland Security.

79 percent of all mobile malware was designed to target Android in 2013


In addition to Android platforms, Java has been noted as being the most prominent method of compromise in the same Cisco report. Cisco identify Java vulnerabilities as being responsible for 91 percent of all indicators of compromise from the cyber forensics work that took place.

Again, this is an unsurprising statistic to any security consultant – Java has been a constant source of vulnerabilities for a number of years. This escalated in 2013 when Oracle had to release a number of critical security patches as a number of high-level vulnerabilities were identified.

The global reliance on Java, and its widespread use and adoption, may be the reason for the sharp increase in Java vulnerabilities over the past few years. Cisco report that 97% of enterprise endpoints in the US run Java. In a similar statistic, 89% of home computers also have Java installed and used for Internet browsing. This is such a large, global attack surface that cyber criminals have latched onto it for decades.

Although these statistics are the highest rates for many years, by publicising these statistics there is hope for organisations to patch and keep up to date with the latest security fixes. Organisations must begin with the basics and understand that 90% of cyber attacks will focus on the low-hanging fruit – for example, unpatched Java vulnerabilities. By understanding this and implementing a safe patching policy that includes all applications and appliances, organisations can lower the risk of compromise and protect themselves.

Similarly, home users need to understand the risks of using unauthorised marketplaces to download apps – this is essentially giving anyone in the entire world free rein to put whatever code they want on your device. Users need to begin thinking in a comparative way – I think if somebody physically entered your house and asked to put something onto your mobile phone you would almost certainly say no. The same needs to happen remotely.


About Lee Hazell

Lee Hazell is a cyber security consultant with a keen interest in anything tech or security related. Follow Lee on .
