The woes continue for Android users when it comes to security. Readwrite reports that apps listed on the Play Store are more vulnerable than their counterparts on the App Store, and because of the lacking review policy in the former, anyone who installs an app from Google Play is at a greater risk of malware device infections.
And in the third quarter, the malware that makes the Android system vulnerable accounted for 97% of the threats, with the rest being accounted for by the Symbian OS. As a comparison, there was no malware associated with Windows Phone, iOS and Blackberry OS.
Android users are gradually developing knowledge about the types of malware that can infect their devices and how to avoid them, such as fake installers disguised as genuine looking applications, but the majority aren’t aware of 3 malware types:
Remote Access Trojans or RAT has been used by hackers to infect email boxes, capture images and even videos of the victims. The rise in Android device activations has extended this malware to the OS, allowing hackers to use the tools and processes to gain complete control of the victim’s device.
AndroidRAT can be installed by a user when he downloads an activity application on his or her device, and once it launches along with the application, it can access phone book data, SMS messages and call logs. It can also monitor call activity, stream audio to its server from the phone’s speaker and send text messages. The threat is the greatest for users who don’t have antivirus software for Android installed on their device, but regularly download cracked versions of paid apps.
DroidKungfu was discovered by North Carolina State University researchers, who announced it was affecting all Android OS versions up to 2.2 Froyo. This malware allows hackers to steal sensitive user information through the backdoor, and it has also been rumored to have the ability to transform the device into a bot.
After gaining control of the device, it can make the handset/tablet perform certain actions without the permission of the owner. The latest Android OS versions do limit the threat of DroidKungFu, but still it is able to grab some of the user’s information. The best workaround that the user can perform in this regard is to only download trusted/reputable apps from the Play Store.
This malware is found in copies of mainstream apps and games such as Drag Racing, Jungle Monkey and Donkey Jump. After installation on an Android device, it presents a fake upgrade message to the users. If the device owner opts in for the upgrade, the malware will create a copy of itself in another location of the device. And restarting the app is going to toggle on the malware.
After the activation, the malware further infects different services in the operating system and uses them to transfer information about calls, SMS etc., resulting in fees for the user. It may also inject messages in the inbox of a device, and most of the activity takes place without the user’s knowledge in the background. The damage can be limited with a good security app and avoidance of suspicious applications from Google Play.
How many Android malware types are you aware of? Feel free to leave comments.