Top threats and how to stop them
Google Android is fast becoming the mobile equivalent of Windows in the 90s – incredibly popular with users but also number one with cyber crooks. The latest stats show its share of the smartphone market stands at over 60%, way ahead of Apple’s iOS, and its tablets aren’t doing too badly either, thanks to the large number of device makers, from Samsung to HTC to Acer, who have chosen the platform.
Unfortunately, every day TrendLabs researchers uncover new strains of malware designed to steal, spy and extract money from unsuspecting users.
Android devices can of course get infected by traditional means – if users click on malicious links in emails and on social networking sites, open dodgy attachments or visit infected web pages, for example – but it is malicious applications where the criminals have focussed most of their efforts. In just one month recently, Trend Micro saw the number of malicious apps double from 10K to 20K.
Problems with the platform
Typically, malware is hidden in legitimate looking applications and often designed to look like cheaper or free versions of popular paid-for software, including mobile games, in order to lure the victim into downloading them. The problem with Android is that anyone, anywhere can make an app available for download, even if it’s not via the official Google Play app store.
To make matters worse, unlike Apple’s tightly-controlled App Store, an app can be uploaded to Google Play with minimal checks, so malware also frequently appears on this main site, although Google will usually take down anything it finds suspicious.
At the moment, the main malware threats to users spotted by TrendLabs include:
Premium service abuser – will automatically and secretly subscribe a user’s phone to premium rate services owned by the cybercriminals, then will text or call these premium rate numbers to make them money.
Click fraudster – will force user’s device to generate fraudulent clicks on search engine ads, generating money for the hacker.
Data stealer – will steal and then send information on the user’s phone, perhaps from the address book or calendar, back to the cybercriminal. They could then choose to use this to commit ID fraud, or sell it on the black market to others.
Spying – May track the user’s GPS data, or allow the hacker to turn on the phone’s mic or camera to eavesdrop on conversations.
Remote access tool/rooter – allows hacker to take complete control of the user’s device, with the aim of stealing financially lucrative data, spying, or forcing the phone to carry out other tasks unknown to the victim.
Adware – more annoying than dangerous but forces intrusive ads to appear on the user’s phone – thus generating money for the developer.
Top tips for Android security
- Be wary of free apps which should be paid-for – If it looks too good to be true it usually is
- Only use the official Android channels to download apps, and check user ratings and reviews to spot any suspicious ones
- Don’t root, or jailbreak, your Android device – Trend Micro has discovered malware designed specifically to exploit these devices
- Keep an eye on permissions – If an app is asking for access to more of your phone than it should, you may be in trouble
- Avoid free, unsecured Wi-Fi access – It can provide cybercriminals with a fertile environment for snooping on unsuspecting users.
- Invest in mobile security software – It should prevent the downloading of malicious apps, opening dodgy attachments and following malicious links. It should also have the ability to locate, lock and wipe a lost device.
- Keep up to date with the latest threat info on Trend Micro’s Fearless Web Facebook page at: www.facebook.com/fearlessweb
Tony Larks works for Trend Micro and is guest blogging for the Fearless Web. The opinions expressed here are his own.