Mobile Malware Evolution 2019 [Part 2]

We covered mild and moderately severe Android malware in part 1. Part 2 will focus on severe malware for Android, and how to avoid infections in general.

Severe Android Malware

Android Ransomware

Although not as common as Windows ransomware, file-encrypting or blocking malware for Android is a still a thing. Just like ransomware for computers, Android ransomware can spread via spam emails, malicious downloads and ads, making it very easy for users to infect their smartphones. Ransomware is classified into a couple of categories, one that encrypts files, and one that blocks access to your device.

File encrypting ransomware would lock your files, making them unopenable. Victims are requested to buy the decryption tool that would unlock the files. Situations like that are why it’s important that you regularly backup your files stored both on your computer and on your smartphone.

The malware that blocks your device is more common. You can encounter different versions of this, some might plainly state that they have locked your device and that you need to pay, while others might claim that you have broken some kind of law and need to pay a fine. The former version simply locks your device to require a PIN to unlock it, and then tries to sell the PIN to you. It’s pretty straightforward. Ransomware developers also try a different tactic. Some Android lockers block access to the smartphone and then claim that the victim has broken some kind of law, which resulted in law enforcement locking the screen. If the victim agrees to pay a fine, the phone will unlock and charges will go away. Oftentimes, the supposedly broken law is stealing copyrighted content or watching child pornography. Obviously, this makes no sense but panic makes people act foolishly. And even if they did not do any of the mentioned things, victims occasionally end up paying because the situation seems very dire.

There is also such a thing as wiper malware, although it’s unlikely that it would infect your Android phone. However, if you do encounter it, your files will probably be deleted. The malware is rather pointless from the point of view of its creators, as it does not bring any kind of profit. However, it can be devastating for the user as it permanently deletes photos, videos, etc.

Remote access and rooting Trojans

Remote access allows someone to remotely connect to a device. If you’ve ever had to deal with tech-support, technicians probably asked you to allow them to remotely connect to your device, which allows them to take control over it in order to fix it quicker. However, while remote access is used legitimately, you can also encounter a Trojan that can take over your smartphone and essentially do anything with it. Whatever you can do with your device, the remotely connected Trojan can do it as well. That includes reading your messages, emails, changing settings, deleting files, etc., making it a great tool for those who wish to spy on someone.

Another type of Trojan that is equally dangerous is one that tries to gain root access to your smartphone. Root access is essentially privileged rights that allow one to change certain settings, install apps that require administrator privileges and perform other actions that regular access does not allow. If a Trojan manages to root your device, it could install highly dangerous malware. It could also replace legitimate apps with fake ones, and you wouldn’t notice until it’s too late.

How to Avoid Android Malware

While it may not seem like it at first, malware on your Android device is serious stuff. It could steal various logins and personal/sensitive information, delete or encrypt your files, and subscribe you to paid services. If you want to avoid these possibly disastrous consequences, you need to change your habits and adopt better security practices. If you are careful, you can easily avoid the majority of threats. Here are a few tips on how you can defend yourself against Android malware.

Anti-virus apps for Android

One of the easiest but most important things you can do is install a security application onto your device. A good anti-virus program will detect, remove and block malware, as well as block known malicious and phishing websites. A regularly updated security app will detect/block even the most recent threats, so you will always be protected. There is a wide range of security apps available for you to choose from, and many famous anti-virus vendors for computers also have Android versions. So you can choose the same vendor for both your computer and your Android device.

Good security practices

You can avoid a lot of malware by simply having good habits. Many dangerous apps spread via malicious links and advertisements, so all you have to do is not click on them. If you get an email from a sender you do not recognize, do not open attachments or click on links unless you are absolutely sure they can be trusted. Those links could lead to malware-ridden websites, where something could download without you even noticing. You should also avoid clicking on advertisements as your are browsing the Internet, particularly when on dubious reputation websites. Same as links, ads could lead to malicious sites with malware on them.

App regulation

While it is true that some malicious apps can slip past Google’s security on Google Play, it’s still much safer to download apps from there than from third-party app stores. However, do not blindly trust everything on Google Play and always research apps before installing them onto your Android device. Read reviews outside of Google Play, check its reputation and review the permissions they requires. Whenever you install apps, even if they are known to be safe, always question the permissions it asks you to grant. Does it need them to function as it promises? Or is it asking completely unrelated permissions. For example, if a compass app is asking you to grant it access to your contacts, SMS, photos, files, microphone, video, etc., that’s suspicious because it does not need those permissions to function.

Regular updates

Finally, regularly update your apps. Updates are released for a reason, and it’s not so you can ignore them. As vulnerabilities are discovered, they are patched by app developers, but those patches need to be installed by you. If you do not have automatic updates turned on, we suggest you do so promptly. If not, at least regularly check for updates.