New mobile malware exclusively targets Android in Q3

Malware targeted smartphones running on Android operating system are still on the rise as nearly all new mobile malware in the third quarter was aimed at the Google platform, cyber security firm McAfee said in its latest report issued on Monday. According to McAfee's third quarter security report, the number of viruses, Trojans and other rogue pieces of code targeted Android jumped nearly 37 percent since the second quarter. The company has raised its prediction for 2011 to 75 million unique malware samples, up by 5 million compared with the projection made at the end of last year. The year of 2011 is set to be the busiest in malware history, said McAfee. One of the most popular forms of malware in the third quarter was sending Trojans through short messages that collect personal information and steal money. McAfee's report showed that some new malware also records users ' conversations and forwards them to the attacker. Meanwhile, Apple's iPhone, the biggest competitor of Android handsets, remains free of malware in the third quarter. Operating system policy has been seen as a major reason for the rise of malware. Compared with Apple's strict rules on its App Store, Android's ecosystem is more open but relatively chaotic. As any developer can publish software applications, innovative or malicious, to the Google platform, Android has become a victim of its own success. Security experts think the problem of Android malware may get worse in the future. Some malware researchers told news site Security News Daily that the situation is like "too many cooks in the Android kitchen." Unlike Apple which makes, maintains and takes complete control over the iPhone and iOS operating system, several manufacturers build Android phones and often tweak the software. It also falls on the mobile carriers, not Google, to push out security updates to customers. As opposed to iPhone owners who typically keep their devices all their lives, Android customers tend to buy new phones every 12 to 18 months, which makes manufacturers and mobile carriers consistently focused on bringing out the latest model, not on fixing security flaws that already exist, said Harry Sverdlove, chief technology officer for Massachusetts-based security firm Bit9. Meanwhile, a majority of Android users are unaware of their phone's security flaws since they have not been caught in an attack. The problem would remain until a large share of Android customers experience firsthand the damage malware can cause, said Sverdlove.