Anybody who owns a mobile phone is probably aware that malware and viruses are an unfortunate consequence of our desire to have the latest technology. It seems that every week dozens of new malicious apps are discovered, just waiting to seize our bank accounts and steal our identities. But how real is the risk?
This week, Android fans will be disappointed to learn that according toSymantec’s latest Internet Security Threat Report, “ 17 percent of all Android apps (nearly one million total) were actually malware in disguise“.
Even back in 2013, Symantec uncovered 700,000 apps that were supposedly laden with all kinds of viruses. Those numbers seem quite extraordinary, and it makes you wonder how the situation can continue this way.
Symantec’s comprehensive security report is the latest in-depth research that many in the industry use to assess the ongoing threat of malware. The security firm found that one third (2.3 million out of 6.3 million apps) of all Android apps can be classified as what it calls “greyware” or “madware” (two new buzzwords!), with the main purpose of targeting users with unwanted adverts.
First case of crypto-ransomeware
Rather more worrisome was the discovery of the first case of mobile crypto-ransomeware. That is essentially software which encrypts and locks your personal data until you pay the requested ransom to regain access. This form of malware has been around on PCs for a while now (one recent example that hit the headlines is called CoinVault), but this is the very first such case to hit Android.
There is however a ray of hope for anyone unfortunate enough to be a victim of such an attack (whether on a mobile device or a PC), as recently the Dutch cyber crime police teamed up with Kaspersky to develop software to unlock the encrypted files for you (and free of charge), thwarting the high-tech criminals.
Needless to say, mobile crypto-ransomeware is likely to gain popularity over the coming few years, so it pays to be cautious when installing apps.
Symantec ‘ s Android app analysis
Symantec made its discoveries about Android malware by using its Norton Mobile Insight software to examine more than 200 different Android app stores. The software is so advanced that it can download and analyse each app including app updates.
Most of the malware that Symantec identified tries to steal users’ personal date, such as contact lists, which are then typically sold online. Some may even trigger your phone sending SMS messages to premium services, resulting in a hefty phone bill and a nasty surprise for those involved. Other apps simply bombard you with adverts that popup over other applications, or change your default ringtone to an advert.
Anyone in the UK will have some comfort from the fact that most Android malware affects users in other regions, where the Google Play Store is not available and third-party app stores are more common.
Staying safe on your mobile
Despite all the fuss about malware, greyware, and ransomeware, it is actually fairly easy to avoid infection by malicious apps. By downloading your Android apps only from trusted sources like the Google Play Store, the chances of being affected can be minimised because Google does in fact vet the apps nowadays.
Symantec’s report doesn’t detail how many of the Google Play Store apps contained malware, but a company spokesperson said the figure is probably quite low.
“ Google does a good job of keeping malware out of the Store “ , said Symantec’s Director of Security Response, Kevin Haley. “ And if a malicious app does make it in there, they do a good job of finding it and getting rid of it“.
However, for those people that use other Android app stores, or download apps from a company’s website (or even via file sharing sites), there is of course a higher chance of infecting your phone with something that you’d rather not have.
It’s also good practice to install tried-and-trusted anti-virus software on your Android device, as there are many reputable ones in the Google Play Store. For example, “Avast! Mobile Security” and “Sophos Mobile Security” are some of the most highly regarded and well reviewed.
Furthermore, unless you are absolutely sure that you want to, it’s generally deemed risky to ‘jailbreak’ your Android device (in other words, unlocking it so that you can do all manner of previously-forbidden things with it). Jailbreaking allows much more freedom to do what you want with your mobile, but it also removes some of its security restrictions. This means that apps have more access to the core functions of the phone, such as contacts and the ability to send emails or even make calls.
Ultimately, the security of your mobile phone is your own responsibility, and all it takes is a little common sense to make sure you fall victim to malware.