The Spanish Cyber Security Institute (SCSI) published a reporton the Android malwaresituation

The Spanish Cyber Security Institute (SCSI), in association with HISPASEC (, has published a report on the situation of malware in the Android platform.

To conduct the research a total amount of 76.000 samples of malwarefrom the last semester of 2014 were compiled and analyzed,in collaboration with HISPASEC.

The report unveils that Android has turned into the mobile platform that cybercriminal has attacked the most. It cites reports from Kaspersky, Cisco and others that revealhigh rates of malware and Android applications that were infested.

The report analyzes, among other factors that contribute to this situation:

  1. The immense spread of Android devices that reaches an amount of 900 million.
  2. The platform still hasvulnerabilities and its securitychecks are not 100% effective.
  3. A high percentage of Android applications are not developed usingmethodologies that prioritize security and reuse codes with security failures.

In the researchthere is a general analysis concerning the layers thatshape the Android architectureand its security model. It also highlights some security weaknesses that should befixed, among them the applicationsthat are usually signed with self-signed certificates (they do not requirea certification authoritythat assuresthat a certain application does not represents a riskfor theuser) and the possibilityof creatingpersonalized permitsthat may constitutea privacy risk if they are not correctly implemented.

Other risksanalyzed are the applications (APK) that include useless advertising with the goal ofenrichingthe application’s developer, orevenwhen the systemis usedto spread themalware throughadvertisements that redirect tothis kind of threats,compromisingthe safety of the devices.

In the report there is a detailed analysis of the applications that were studiedandseveral statistics are shown (types, words, languages, domains, families, etc.) of the malware that compromised them.

 In the conclusions the report indicates:

  • Android malware have increased in the recent years and it is forecasttheir escalation in the next years.
  • The current malware, similarto what happened in the Windows platform, havereached an importantlevel of sophistication,in part provokedby the great economic benefitsobtained by the developers.
  • The users are not aware of the risks to which they are exposed and in many occasions do not take the necessary measures to obstruct the actions of the malware developers.

The report is available in Spanish and in English on: