1.5 Billion Android devices makes a target rich environment. Mobile penetration across the world is at an all-time high, and in most developed countries, saturation would be a more befitting word. According to eMarketer, just a little under a quarter of the global population own a smartphone and this figure is expected to jump to a third by 2017.
Before you start wondering how come this figure is so low, smartphone is the keyword here – a good chunk also own a regular mobile phone. And if Google’s Our Mobile Planet report from 2013 is still anything to go by, most of our readers from the United States (who apparently hold the iPhone as the preferred smartphone of choice) might be surprised to know they don’t come anywhere near the Top 10 countries with the highest smartphone penetration (don’t panic – Canada too). With such mind-boggling figures, it is little wonder then that malware cases (release and potential victims) have been on the up. Google prefers not to call it malware when it comes to its Android platform, sugarcoating it as ‘ potentially harmful applications’. However, given our topic today is not leaning towards the English Word of the Day, we’ll bypass the definitions and work with what the hoi polloi know as Android malware.
Common Types of Android Malware Most smartphone malware is found on Android, as opposed to its iOS counterpart, making Play Store more vulnerable than App Store. In fact, 99% of all mobile malware in 2013 was directed at Google’s Android system. This is according to Cisco’s 2014 Annual Security Report . Since that report, Google has moved to address its mobile operating system’s security flaws, making a raft of ongoing changes here and there. Notwithstanding, arming yourself with knowledge is the best form of defense. Here then, are some of the most common families of Android malware you should be aware of:
Spyware : used to intercept phone calls, SMS, information of any account logged in the device, information about the phone and GPS location.
SMS scammers : This irritating malware uses your phone to send premium text messages which are typically very costly. The attacker gets a cut of this money.
Trojan bankers : With every other bank and financial entity boasting their own mobile app these days, malware attackers have devised their own trojanized versions which can phish credentials and important information from Android Apps.
Ransomware : These make an attempt to cipher your SD.
Remote access Trojan (RAT) : These allow attackers to gain access back to your device when they want in order to obtain information.
Of course, there are more but these you’ll find to be the most rampant. Why Android? The Cisco report may sound like it’s on the higher end but Pulse Secure published the 2015 Mobile Threat Report (free download upon registration) which placed the number of malware designed for Android at 97%. And of all the malware threats identified in 2014, the Top 10 had to do with either SMS premium services or ad networks. In another revelation, G DATA has published a new report that says there is new piece of malware discovered on the Android platform every 18 seconds! [Source: PDF]
But why Android? Several simple reasons really, and the first is obvious. Android controls the most smartphone OS market share (with 78% in 1Q15). Relatedly, our reliance on mobile devices (smartphones and tablets) for shopping and banking transactions has led to the proliferation of Android-related cyber-crime. Of all mobile device platforms in use presently, Android applications have been touted to offer the weakest barrier to hacker penetration. The bad guys, like one recently nabbed smart chap whose LinkedIn profile is still active, are taking advantage of the loopholes in this open source OS. It’s an alarmingly susceptible world we are living in.
Where to Turn to Now? We rely on our smartphones when it comes to everyday tasks to do with music, videos, photos, shopping and banking. There are dozens of apps released daily to cater to the huge number of users: some are genuine but you can’t trust every one of them despite attempts by Google to guarantee safety in Play Store. For instance, in 2014 alone, there were 1268 families of malicious software found in Android, a staggering 390% rise from the previous year’s 464. This may sound alarming, but there are still ways you can safeguard your precious information. Here’s how…
Install virus-detection software : This is one of the first lines of defense you need to have upon purchasing a smartphone. Most of the big names in the desktop market have a mobile version you can use – some free, others premium. Remove apps
you are not using : As much as this will save you memory, the rule that says to ditch anything you haven’t worn for a year applies to apps as well. Get rid of apps you haven’t used for a while. Bloatware, aka crapware, still has permissions to access your phone data and this could be a weak link. Remove apps that ask for
unrealistic permissions : Various apps ask for various permissions before proceeding with installation. These include access to contacts, full network access and so on. Now, why would a flashlight app require access to your location or contacts? Just think about it.
Discover what personal information you are exposing to malware : If you’ve used the Internet, chances are you’ve shared lots of information which is stored online (on the cloud). Using an app like Nuvolect’s CounterCloud, you can restrict what personal information you share (or clean up personal information you’ve shared before) leaving you safe in the knowledge that you’re in the clear.
Protect yourself from malware by encrypting your data : Current virus writers are using complex code that is difficult to analyze (obfuscated code) and this code neutralizes the effect of programs like antiviruses. These are no longer sufficient on their own which calls for an app like CrypSafe to encrypt your mobile data.
Remove metadata from your photos : With the selfie craze we are witnessing before our very own phone cameras, the smartphone has taken photo-taking to another level. For those who didn’t know, every photo contains metadata: file properties about when it was taken, where, if it was edited, printed and what-not. It could be obvious or buried so deep that the average Joe (or Mary) can’t spot it – but it is there. And this is the kind of trace an Android app like PhotoShield will help you erase.
Last Word Purchasing a feature-rich, incredible smartphone is no doubt a feel-good achievement. However, awaiting you in the wings are a growing army of cyber criminals. Follow the advice discussed here to stay a step ahead of the bad guys and ensure you keep your Android device free of malware. android malware cybersecurity cybersafety