Security researchers have recently discovered a malicious Android app titled Adult Player that appears to offer free pornography but instead secretly takes pictures of users with the phone’s front-facing camera (Russon 2015). The app then holds the phone hostage and pressures the victim to pay a $US500 ransom through PayPal (Russon 2015).
Ransomware attacks are becoming a major threat to Android users downloading applications from third-party markets (Seals 2015). Indeed, Apple CEO Tim Cook has argued the rampant fragmentation of Android devices and OS versions is turning devices into a “toxic hellstew of vulnerabilities” (Edwards 2014).
However, the iOS App Store is not itself an impenetrable walled garden protected from malware. Cybersecurity experts predict that a new wave of iOS attacks will emerge as cybercriminals learn how to bypass Apple’s security controls (Gilbert 2015).
In 2013, security researchers managed to sneak a malicious app into the Apple App Store undetected, raising questions about Apple’s app vetting system (Schoon 2013). More recently, Masque Attack malware was discovered to emulate and replace existing legitimate apps, while Wirelurker attacks iOS devices through Apple Mac computers (Gilbert 2015).
As the number of iOS attacks continue to increase, Apple will focus on improving its bug resolution process. However, given the breadth of Android’s community of developers inspecting and improving its code, combined with its shorter feedback loops and open source model of continuous improvement that allow it to react and implement change faster, Android may just claim victory. After all, in the open source world, “given enough eyeballs, all bugs are shallow” (Raymond 2001).
Watch the YouTube video I created on this subject below:
Edwards, J 2014, ‘Tim Cook Just Ripped Android To Shreds’, Business Insider, 3 June, accessed 9 September 2015, <http://www.businessinsider.com.au/apples-tim-cook-just-ripped-android-to-shreds-2014-6>.
Gilbert, D 2015, ‘Significant iPhone and iPad malware threats will emerge in 2015’, International Business Times, 5 March, accessed 9 September 2015, <http://www.ibtimes.co.uk/significant-iphone-ipad-malware-threats-will-emerge-2015-1490577>.
Raymond, E 2001, ‘The Cathedral and the Bazaar’, Unterstein Net, accessed 9 September 2015, <http://www.unterstein.net/su/docs/CathBaz.pdf>.
Russon, MA 2015, ‘Adult Player Android porn app blackmailing users with secret photos and demands of ransom’, International Business Times, 7 September, accessed 9 September 2015, <http://www.ibtimes.co.uk/adult-player-android-porn-app-blackmailing-users-secret-photos-demands-ransom-1518808>.
Schoon, R 2013, ‘Malicious Jeklyy App Sneaks Into Apple’s Walled Garden, Doubts Raised About Vetting Process’, Latinos Post, 17 August, accessed 9 September 2015, <http://www.latinospost.com/articles/25720/20130817/malicious-jekyll-app-sneaks-apples-walled-garden-doubts-raised-vetting.htm>.
Seals, T 2015, ‘Led by Ransomware, Android Threats Surge 75%’, Info Security, 16 January, accessed 9 September 2015, <http://www.infosecurity-magazine.com/news/ransomware-android-threats-surge/>.