Keeping Your Android Device Protected from Malware
Even if you’re an owner of an Android device, you may not be aware that the Android operating system is run on 87% of smartphones worldwide. While this is a mark of success, it is also the indicator of a huge opportunity for the bad guys.
As of 2013, 97% of global malware was targeted at Android. There were 804 new families or variants of malware threats detected that year alone.
As an Android user, what can you do to protect yourself against mobile malware and its consequences?
In this article I’ll cover how Android malware attempts to infect your device, and how you can prevent it from doing so. By following a few common sense steps, you can keep your Android device, and your personal data, safe from the bad guys and their mobile malware.
How Does Mobile Malware Infect a Device?
Most malware that infects Android devices comes from unregulated software sources.
While just 0.1% of the apps found in Google’s official Play Store on average contain malware, (and it’s usually discovered fairly quickly when it’s present), other third party Android app “stores” weren’t so lucky.
According to Forbes, the Mumayi, AnZhi, Baidu, eoeMarket and liqucn repositories were found to have 6%, 5%, 8%, 7% and 8% malware penetration respectively and an amazing 33% of apps were infected in the Android159 repository.
Most of the affected apps in those repositories were repackaged or faked games.
The top 8 Android apps that were targeted for repackaging to include malware were:
- Candy Crush Saga
- Clash of Clans
- Slotomania – Free Slots
- Minecraft – Pocket Edition
- Castle Clash
- Double Down Casino
- Kinghts & Dragons
- Pet Rescue Saga
All of those repackaged apps were found in the unregulated software repositories.
If you live in the United State, you can breathe slightly easier than in some other countries. Of the top 10 countries reporting malware detections in 2013, the U.S. comes in a distant third (5% of detections), far behind Saudi Arabia (an amazing 42% of reports), and India (an unhealthy 33% of reports.)
The main lesson here is that it’s clear that by avoiding the unregulated software repositories, and by sticking with such “clean” sources such as Google’s Play Store, and Amazon’s App Store, you can easily avoid most of the malware that is lurking in the wild.
As a side note, while most malware comes to your device via infected apps, there have also been an increase in the number of attacks where malware is pushed to the device via ads of the type: “Warning! Infection detected! Download this app now to disinfect your device!” This type of attack is reminiscent of similar attacks on desktop computers in previous years.
What Does Malware Do After it Attacks my Device?
In most cases the majority of malicious apps targeting Android devices attempt to exploit the user’s interactions with the device.
Repackaged apps, as we mentioned above, are typically injected with malicious routines, which ask for more permissions on the devices that the original “clean” app may have asked for.
The malicious apps then take advantage of the increased permissions to send premium SMS messages the user then must pay for, or to connect to similarly infected devices. (The majority of mobile threats discovered in 2013 were motivated by profit, in place of any malicious intent. (Via F-Secure.))
How Can I Detect an Infected App?
As mentioned above, infected apps will ask for overreaching permissions that the pristine app will not. You can see an example in the graphic below:
In many cases, by simply examining the permissions the app asks for, you can detect if an app may be hiding a Trojan. Again, we reference the graphic above. Why would a game need a permission to make phone calls? That request is a definite indicator that something may not be exactly kosher with the app.
The most requested permissions of infected apps are: Internet access, the ability to read the device’s current state, the ability to write to external storage, such as an SD card, and the ability to send SMS messages. (Of course, since the app needs that permissionto be able to send those premium SMS messages that you’ll wind up paying through the nose for.)
How Can I Check My Device for Infection?
The Google Play store offers numerous “anti-virus” apps. Most are available free or for a small fee, and are from such reliable vendors as AVG, AVAST, and F-Secure. If you think you might be carrying Trojan apps around on your devices, download one of these apps and allow it to scan your device.
How Can I Keep my Device Clean?
While keeping your device 100% clean from threats is never certain, you can definitely have an edge on keeping your device clean from threats by staying in the well-lit areas of the Internet when searching for apps for your Android device. Download apps from known-safe sources, such as Google’s Play Store, and Amazon’s App Store.
Keeping your device, and your personal information safe from the bad guys is a simple matter of paying attention to where you download the apps you install, and actually reading the blurb that pops up on your device’s screen when an app first asks for device permissions.
If you have any questions or comments about keeping your Android device protected from malware, please leave a question or comment in the comments section below, and I’ll respond as soon as I can.