SecurityBrief Asia logo
Story image

8 years of Android: malware, malicious apps, and how to stay safe

26 Sep 2016

Happy Birthday Android! It has been eight years since the Android project was officially released and introduced to the public – on September 23rd 2008 to be exact. In that short time, Google’s platform has rocked the mobile universe.

As the latest stats from Gartner show, Android now controls over 85% of the smartphone market and is by far the biggest player in the tablet market as well. However, that huge share also has its drawbacks – it makes the operating system very attractive to cyber aggressors, who aren’t sitting idly by and waiting.

Instead they’re coming up with new techniques to attack an increasing number of victims, on a never-ending quest for yet unseen vulnerabilities to exploit. A great example of this surfaced just a few weeks ago at the DEF CON 24 Hacking conference.

White hat security researchers revealed they had found four Android vulnerabilities, collectively naming them QuadRooter. According to their report, any of the four can be exploited by cybercriminals, providing them with access to smartphones and tablets equipped with Qualcomm chipsets, which adds up to around 900 million Android devices.

On top of that, cybercriminals are trying to misuse this situation, luring users into a trap by offering them fake apps promising to fix the security glitch. Unfortunately, that is not what those apps actually do. On the contrary, these programs serve users ads or just make them pay money for nothing. But this kind of deception is nothing new.

Despite the Google Bouncer and human review that work to block malicious content, several fake apps mimicking the popular game Pokémon GO appeared on Google Play. Amid the media-induced hype around the game, most of the copycat apps were serving users scareware, ads and surveys. One of them even froze the target devices and forced users to restart their smartphone by removing the battery.

Social engineering and phishing is also not uncommon when targeting Android users. At the beginning of the year, a fake app on the official market posing as Instagram offered potential downloaders a route to gain followers. However it was actually harvesting their social media account credentials in order to sell them.

Looking at some statistical data from earlier this year, the attackers were able to push over 340malicious porn clickers into Google Play in just 7 months (between August 2015 and February 2016), with the average number of downloads reaching as high as 3,600 per fake app. These figures may actually be much lower than the true picture given that there are 1.5 million apps on the official app store.

What all these cases have in common is the fact that cybercriminals are trying to copy popular apps in order to attract as many victims as possible. If the malware is uncovered, they’ll often just make a few changes, repack the app and try their luck again. With this technique they are able to repeatedly infect large numbers of users with minimal effort invested into redesigning the malicious code.

The situation is worse at various unofficial markets, where even nastier malware is to be found. Very popular amongst PC-targeting cybercriminals, ransomware has already made its way to mobile platforms and ESET has seen both main types – lock-screen as well as crypto-ransomware.

So what’s the take through eight years of the Android story? The larger the platform and its user base gets, the more it’s targeted by cybercriminals. Thus, hoping for the best and letting its creators keep it secure isn’t enough. Instead, users should go the extra mile and follow a few basic principles to avoid unnecessary trouble:

  • First of all, keep your devices up to date, ideally set them to patch and update automatically, so that you stay protected even if you’re not among the most security savvy users.
  • If possible, stick with Google Play or other reputable app stores. These markets might not be completely free from malicious apps, but you have a fair chance of avoiding them.
  • Prior to installing any app, check its ratings and reviews. Focus on the negative ones, as they often come from legitimate users, while positive feedback is often crafted by the attackers.
  • Focus on the permissions requested by the app. If they seem inadequate for the app’s functions, avoid downloading the app.
  • Use a reputable mobile security solution to protect your device.

Article by Ondrej Kubovic, blogger for WeLiveSecurity 

Story image
Video: 10 Minute IT Jams - Radware VP on the challenges of cloud security
In this interview, Techday speaks to Radware vice president of technologies Yaniv Hoffman, who discusses the primary challenges facing IT organisations in terms of their cloud security apparatus.More
Link image
Webinar: Securing privileged access to stop attackers in their tracks
Thycotic's immersive webinar will demonstrate how attackers acquire passwords on endpoints and access critical cloud applications — without being detected.More
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
Major firms disclose breaches in the wake of SolarWinds attack
Microsoft, Shell, GoDaddy, MobiKwik — these are just some of the high-profile company's on the receiving end of sophisticated attacks, writes Bitglass senior director of marketing Jonathan Andresen.More