Google's Android operating system is now the most-targeted mobile platform for malware, according to McAfee's latest threat report.
Android moved to No. 1 ahead of Java Micro Edition, according to the Q2 report. Out of about 1,200 mobile malware samples that McAfee Labs collected and analyzed, about 60% were aimed at Android. While total mobile malware is still but a tiny fraction in comparison with the amount of malware targeting PCs, McAfee says the trend is clear that Android is the favorite mobile target.
It's not surprising malware writers are going after Android, since phones running the software are growing in popularity. Research firm Canalys calculates 51.9 million Android-based phones shipped in the last quarter, accounting for 48% of all smartphones shipped.
McAfee says it now collects about 2 million new samples of malware every month, and is on track for its "cumulative malware 'zoo' collection to reach 75 million samples by year's end."
In its latest report, McAfee notes that among the plague of malware, the fake antivirus software problem is now hitting even the Mac. "This puts the Apple platform squarely in the crosshairs of malware authors. It will be interesting to see if this type of malware makes its way to the iPhone and iPad as well. It is probably a case of 'when' rather than 'if.'"
Rootkits, another type of malware, are also up overall. "Rootkits have seen their busiest-ever six months, up almost 38% over 2010," McAfee reports. "Two of the busiest rootkits that we encounter are Koutodoor and TDSS. Both are nasty and hide malware to steal data."
One trend noticed for several quarters now is that "malware authors prefer to write exploits that target vulnerabilities in Adobe products as opposed to those in Microsoft products." In June alone, according to the report, McAfee identified 14,000 exploits aimed at Adobe software, but only a "couple of hundred" aimed at Microsoft products, says Toralv Dirro, security strategist at McAfee Labs.
McAfee surmises the reason for this is not because Adobe's technologies are more vulnerable or have more coding bugs than Microsoft's, but because of the popularity of Adobe worldwide. Dirro points out that it's often easier to use an Adobe exploit in Web-based attacks because Adobe applications and PDFs are more easily visible to the attacker from the website.